My Thoughts On WannaCry / WannaCrypt Malware

Channel:

quidsup

Subscribers:

54,600

Published on May 17, 2017 10:46:46 PM ● Video Link: https://www.youtube.com/watch?v=bkgHOMNeOrQ

Duration: 13:20

8,262 views

291

#WannaCry cryptolocker worm has been running rampant exploiting Windows SMBv1 file sharing.
The basic exploit was called #EternalBlue and was developed by the NSA. A group of hackers (possibly North Korean) packaged the exploit with Crypto locker, which encrypts documents on your hard drive and demands payment of $300 worth of BitCoin to decrypt the files.

Sources:
https://en.wikipedia.org/wiki/EternalBlue
https://isc.sans.org/forums/diary/WannaCryWannaCrypt+Ransomware+Summary/22420
https://isc.sans.edu/port.html?port=445
https://intel.malwaretech.com/botnet/wcrypt/?t=1h&bid=all
https://www.theregister.co.uk/2017/03/15/microsoft_massive_patch_tuesday_bundle/
https://www.theregister.co.uk/2017/05/16/microsoft_stockpiling_flaws_too/
http://www.theregister.co.uk/2017/05/13/wannacrypt_ransomware_worm/
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
https://www.nytimes.com/2017/05/15/world/asia/china-cyberattack-hack-ransomware.html
https://www.nytimes.com/2017/05/15/business/china-ransomware-wannacry-hacking.html?_r=0
https://www.theregister.co.uk/2017/05/16/wannacrypt_north_korea_theory/
https://blogs.microsoft.com/on-the-issues/2017/05/14/need-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack/
https://blogs.microsoft.com/on-the-issues/2017/05/14/need-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack/