WannaCry ransomware: All you need to know

The Ransomware WannaCry broke new grounds to show how digitally vulnerable we are – using NSA’s spyware to infiltrate MS Windows and possibly holding to ransom an unreleased Disney film. Last year, ransomware extorted over $1 billion from victims. ET Magazine looks at the extortionists of the new millennium:


The current attack by ransomware WannaCry is considered the worst ever, with newer versions appearing even as solutions are found to deal with existing versions.

  1. It surfaced on May 12, exploiting weaknesses in older versions of Windows, especially Windows XP, and locking computers and servers, demanding payments for unlocking them.
  2. The weakness of Windows was fi rst found by US surveillance agency NSA. Tools developed by the NSA were outed by hacking group ShadowBrokers in mid-2016. The Wannacry creators have used these tools to infi ltrate Windows.
  3. A kill-switch for WannaCry was accidentally found, but newer versions seem to have been launched that corrected this flaw.
  4. The ransomware has demanded payments in bitcoins, equivalent to $300-600. More than 200,000 computers/servers were affected in 150 countries.

Lazarus Group

A North Korea-based cybercrime group is being suspected for perpetrating the WannaCry attack. They have been associated with Operation Troy that targeted the South Korean government in 2009-12, the attack on Sony Pictures in 2014 and on the Bangladesh Bank earlier this year
Rogues gallery: Cyber extortionists

AIDS Trojan

The first recorded ransomware attack was in 1989 and was distributed on fl oppy disks sent via post. These supposedly measured a person’s risk of contracting AIDS but had a virus that encrypted data once the PC was restarted 90 times. It then demanded payment of $189 or $378 to be sent to a PO Box in Panama.


The most prominent ransomware and probably the most damaging till date. It affected 250,000 systems between Septembber and November 2013 and made $3 million for its creators. In 2014, the Gameover Zeus botnet, which was behind CryptoLocker, was destroyed in a concerted global operation.


After CryptoLocker was taken down, clones became active. CryptoWall and Torrentwall dominated between 2014 and 2016. By mid-2015 CryptoWall had extorted in excess of $18 million.


By February 2016, Locky replaced Cryptowall as the most actively spread ransomware
TeslaCrypt or Alpha Crypt
It demanded payments in bitcoins as well as through conventional platforms like Pay-Pal. It is said to have extorted over $70,000 in 2015


In March 2016, it emerged as a more sophisticated version of ransomware encrypting the master fi le table, rendering the computer unusable


A later ransomware that deletes thousands of fi les for every hour that ransom is not paid.

The malware primer

Malware: A short form for malicious software that is used to disrupt any computer operation to gain information or steal money.
Ransomware : Software programmes or malware that are designed to deny access to data and information on a system. Often they demand a payment to undo these changes. Ransom amounts averaged around $300 in the last decade but are now hovering around $500 mark. Often, the demand is doubled if it is not met by the deadline
Botnet : A bot or a web robot is a malware that allows an attacker to take over a computer. A computer taken over by a bot is often referred to as a zombie computer. A botnet is a network of similar computers
DDoS : Distributed Denial of Service is called the older cousin of ransomware, where hackers overwhelm a machine or a server with traffi c from multiple compromised systems. A DDoS struck the servers of Dyn, which controls a lot of the domain name system (DNS) infrastructure, in 2016

Famous victims of wannacry

  1. French car maker Renault UK’s National Health Service Russia’s Interior Ministry.
  2. Disney CEO Robert Iger said a hacker group has threatened to release one of its upcoming movies (suspected to be the new Pirates of the Caribbean or Cars 3 ) unless a ransom is paid in bitcoins. It is not clear if it is the same hacker group behind WannaCry.
  3. The Tirupati Temple Trust reported that quite a few of its computers were affected by WannaCry as was the Andhra Pradesh Police.

Source: www.gadgetsnow.com


Shashank Tiwari

Shashank Tiwari is a writer from India and the Tech Explained editor. In his free time he dabbles in fiction, photography, and game development.

Notify of
Inline Feedbacks
View all comments