WannaCry (WannaCrypt) Ransomware Encrypts Victim Data
RISK: Extremely High Risk
TYPE: Operating Systems - Windows OS
A new variant of ransomware known as WannaCry (WannaCrypt) is spreading quickly, through a Windows SMB vulnerability (EternalBlue and DoublePulsar). HKCERT was aware that there is a widespread overseas.
Note: The vulnerability is being exploited to spread the ransomware attack.
- WannaCry encrypts files on victims’ computers and adds a .WCRY file extension to them.
- Files on network drives are affected.
- Data will be unrecoverable due to encryption by ransomware.
System / Technologies affected
- Windows 10 and prior (SMB v1)
- Windows Server 2016 and prior (SMB v1)
To protect yourself from WannaCry ransomeware and mitigation after infection, please refer to:
- No CVE information is available