Trojans are dead
Surprisingly, a country with few computers and no internet is supposed to be responsible for the global WannaCry attack.
This is suggested by program codes, which were already included in the North Korean attack on Sony Pictures.
In addition, the spread of ransomware appears to be stopped.
The IT experts of security companies such as Symantec and Kaspersky have found in the source codes of the WannaCry software passages, which was already contained in the Ransomware, which was blackmapped in November 2014 Sony Pictures.
In 2014, Korean hackers attacked Sony Pictures Hacker had paralyzed the entire IT infrastructure at Sony Pictures for several days.
On the workplace computers appeared the message that the devices had been captured by a group called Guardians of Peace.
The captured data several terabytes subsequently landed on the Internet.
In addition to films appeared there also salary lists and e-mails. Even an unpublished break-up for a James Bond film captured the hackers at that time.
In addition, the attackers demanded that Sony Pictures stop the North Korean comedy “The Interview”. The film had just started.
In the film, the North Korean government is made fun of.
In this, TV journalists get an interview with the leader Kim Jong-un and are tasked to kill him.
At that time, North Korea was suspected of being behind the attack ,the state in which there were only 28 websites.
Earlier program lines in WannaCry dipped Parts of the code used at that time have now also reappeared in WannaCry.
However, some experts believe it is dared to target North Korea for the global attack.
Because just as well, other hackers can copy the passages and incorporate them into their malicious software, to blur the tracks and distract them.
The code snippets were also seen in other attacks, such as the central bank in Bangladesh 2016 and a bank in Poland three months ago.
Chaos at the start of the week has stopped In the meantime the feared chaos did not occur at the beginning of the week.
Although more than 200,000 companies, organizations and private computers are to be infected worldwide, the Trojan has not spread. O
n the weekend, a 22 year old IT specialist in Great Britain had taken care of this.
Actually, the Briton had free, but sat down at his calculator, when he heard of the WannaCry attack.
He discovered with colleagues that the program code contains a URL that was not registered yet.
When WannaCry contacted the URL, it triggered an error message, which led to the propagation.
After the Briton had registered the web address and there were no error messages, the propagation was stopped. WannaCry is dead.
Update previous Windows programs Therefore, it has remained quiet so far, massive damage did not exist in Germany, as far as this can be overlooked.
However, there should be a whole series of computers, which had activated the program as an e-mail attachment before the Trojan was switched off and whose data are now encrypted.
According to current information the payment of the required ransom does not use, the computers remain encrypted.
Since usually only helps to re-load the operating system and software, and also the security package from Microsoft necessarily download.
Because of WannaCry are only versions of the Windows operating system from XP to 8.1, which were not updated in March. Here again the link to the update.