Active Stocks
Thu Mar 28 2024 15:59:33
  1. Tata Steel share price
  2. 155.90 2.00%
  1. ICICI Bank share price
  2. 1,095.75 1.08%
  1. HDFC Bank share price
  2. 1,448.20 0.52%
  1. ITC share price
  2. 428.55 0.13%
  1. Power Grid Corporation Of India share price
  2. 277.05 2.21%
Business News/ Technology / News/  WannaCry threat remains rampant; 6,963 variants found in August 2019: Sophos
BackBack

WannaCry threat remains rampant; 6,963 variants found in August 2019: Sophos

In August 2019, 4.3 million WannaCry infection attempts worldwide were stopped by Sophos-protected endpoints, out of which 8.8% were located in India,

Over 12,480 unique variants were observed by Sophos in late 2018, and 6,963 in August 2019 (80% of them new) (Photo: iStock)Premium
Over 12,480 unique variants were observed by Sophos in late 2018, and 6,963 in August 2019 (80% of them new) (Photo: iStock)

In August 2019, 4.3 million WannaCry infection attempts worldwide were stopped by Sophos-protected endpoints, out of which 8.8% were located in India, according to a new report 'WannaCry Afterschock' on what happened to the malware after the attack began on May 12, 2017.

The research by SophosLabs shows that the WannaCry threat remains rampant, with millions of infection attempts stopped every month, and that while the original malware has not been updated, many thousands of short-lived variants are in the wild.

For instance, 12,480 unique variants were observed by Sophos in late 2018, and 6,963 in August 2019 (80% of them new).

The continued existence of the WannaCry threat is largely due to the ability of these new variants to bypass the ‘kill switch.’ However, when Sophos researchers analyzed and executed a number of variant samples, they found that their ability to encrypt data was neutralized as a result of code corruption.

Because of the way in which WannaCry infects new victims – checking to see if a computer is already infected and, if so moving on to another target – infection by an inert version of the malware effectively protects the device from being infected with the active strain. In short, new variants of the malware act as an accidental vaccine, offering still unpatched and vulnerable computers a sort of immunity from subsequent attack by the same malware.

However, the very fact that these computers could be infected in the first place suggests the patch against the main exploit used in the WannaCry attacks has not been installed – a patch that was released more than two years ago.

The original WannaCry malware was detected just 40 times and since then SophosLabs researchers have identified 12,480 variants of the original code. Closer inspection of more than 2,700 samples (accounting for 98% of the detections) revealed they had all evolved to bypass the ‘kill switch’ – a specific URL that, if the malware connects to it, automatically ends the infection process – and all had a corrupted ransomware component and were unable to encrypt data.

Unlock a world of Benefits! From insightful newsletters to real-time stock tracking, breaking news and a personalized newsfeed – it's all here, just a click away! Login Now!

Catch all the Technology News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates & Live Business News.
More Less
Published: 19 Sep 2019, 06:13 PM IST
Next Story footLogo
Recommended For You
Switch to the Mint app for fast and personalized news - Get App