- Joined
- May 18, 1997
- Messages
- 55,724
In-house HardOCP security analysts have passed along some very interesting information this morning. It would seem to them that first and foremost multiple Bitcoin keys are being noted in new versions of the WannaCry RansomWorm which has evolved into what is being billed as the "Uiwix RansomWorm." It is using the same vulnerabilities that WannaCry did, however the killswitch has been removed from this variant, making it not near as easy to shut down as the previous variant. Be advised that there are other variants of WannaCry emerging, but with new killswitches exposed that are being used.
So it looks as if third parties are getting hold of the WannaCry source and editing out the killswitch via hex. And our experts suggests that after looking over the code in some of the new variants is looks "very sloppy" compared to the original suggesting that more folks are showing up to expose this vulnerability, for fun, and not just for profit.
The only way to successfully stop this from happening is to make sure your Windows machines are patched.
So it looks as if third parties are getting hold of the WannaCry source and editing out the killswitch via hex. And our experts suggests that after looking over the code in some of the new variants is looks "very sloppy" compared to the original suggesting that more folks are showing up to expose this vulnerability, for fun, and not just for profit.
The only way to successfully stop this from happening is to make sure your Windows machines are patched.