Cyber genius halts global ransomware attack with shocking solution

A malicious cyber attack that traveled swiftly across the globe Friday, causing massive disruptions and locking users out of their systems unless they paid $300 in Bitcoin, has been effectively curbed after one cyber expert found a creative solution to outsmart the hackers… and it cost him less than $11.

More than 75,000 computers in 99 countries were compromised by the cyber attack, with a heavy concentration in the UK, U.S., China, Russia, Spain, Italy and Taiwan.

The mastermind who figured out how to outsmart the architects of the nasty “WannaCry” Internet worm is a British researcher known by the Twitter handle @MalwareTechBlog.

The cyber genius reportedly discovered a “kill switch” embedded in the malware by its creators, in case things went awry.

He determined the kill switch was a domain address: in the event that the malware was directed to attack that address, its spread would drastically slow down.

The researcher also discovered the domain name was a fake, meaning the cyber crooks failed to register it or set it up on a server. So, he took matters into his own hands and decided to register it himself on NameCheap.com for $10.69, then set it up on a server based in Los Angeles.

After taking control of the domain, the researcher brought the malware’s propagation to a sudden halt once it was connected to his server.

However, he warns it may only be a temporary fix if the cyber crooks find a way around the Los Angeles server.

“I will confess that I was unaware registering the domain would stop the malware until after I registered it, so initially it was accidental,” wrote @MalwareTechBlog. “So long as the domain isn’t revoked, this particular strain will no longer cause harm, but patch your systems ASAP as they will try again.”

The tens of thousands of computers affected in the ransomware attack all had one common denominator: they were running old versions of the Windows operating system.

To prevent the further spread of this malware attack, @MalwareTechBlog advises that people update their Windows systems to the latest version, which contains a patch for this particular vulnerability and added detection measures.

Aleks Gostev, a chief cyber security expert for Kaspersky Labs, claims that Russian-language cyber criminals were likely the culprits behind Friday’s attack, as reported on Bloomberg.

“Ransomware is traditionally their topic,” he said. “The geography of attacks that hit post-Soviet Union also suggests that.”

H/T: New York Post, Bloomberg
