• Home
  • Become a Hacker
    • Get Started
    • Hacker Mindset
    • Roadmap
    • Simple Setup – Hacker 101
    • Types of Hackers
    • Recommended Courses
  • Boot People Offline
  • Courses
    • All Hacking Courses
    • Cyber Security School
  • CTF
    • Beginners to Advanced Guide
    • Create your own CTF box
    • Field and Resources Guide
    • Platforms & Wargames
    • Tools Used for Solving CTF
    • Writeups
  • Dark Web
    • Beginners Guide
    • Darknet Markets
    • Darkweb 101 (Anonymity Guide)
    • Dark Web OSINT Tools
    • Hacking Forums
    • Latest News
    • Onion Links
  • Hacker Gadgets
  • Hacking Books
  • Tools Directory
Menu
  • Home
  • Become a Hacker
    • Get Started
    • Hacker Mindset
    • Roadmap
    • Simple Setup – Hacker 101
    • Types of Hackers
    • Recommended Courses
  • Boot People Offline
  • Courses
    • All Hacking Courses
    • Cyber Security School
  • CTF
    • Beginners to Advanced Guide
    • Create your own CTF box
    • Field and Resources Guide
    • Platforms & Wargames
    • Tools Used for Solving CTF
    • Writeups
  • Dark Web
    • Beginners Guide
    • Darknet Markets
    • Darkweb 101 (Anonymity Guide)
    • Dark Web OSINT Tools
    • Hacking Forums
    • Latest News
    • Onion Links
  • Hacker Gadgets
  • Hacking Books
  • Tools Directory
Search
Close
  • Home
  • 2017
  • May
  • 13
  • World Biggest Ransomware Attack Hits 74 Countries

World Biggest Ransomware Attack Hits 74 Countries

May 13, 2017May 13, 2017 Comments Off on World Biggest Ransomware Attack Hits 74 Countries
download nsa ransomware download nsa tools nsa hack tools from shadowbrokers nsa ransomware shadowbrokers ransomware hack

World Biggest Ransomware Attack Hits 74 Countries

  • Approx 74 countries affected
  • Currently, 45000 computers are infected
  • Many Hospitals have reported about Ransomware Attack.
  • Ransomware Using NSA Windows Exploit
  • Cyber attackers ask Ransom in return of Bitcoin payment address.

Kaspersky detected and successfully blocked a large number of Ransomware attacks around the world, data is encrypted with the extension “.WCRY” added to the filenames.

Kaspersky analysis indicates the attack, dubbed “WannaCry”, is initiated through an SMBv2 remote code execution in Microsoft Windows. This exploit (codenamed “EternalBlue”) has been made available on the internet through the Shadowbrokers dump on April 14th, 2017 ( you can read our post here about the dumps and downloads) and patched by Microsoft on March 14.

But many organizations who did not patch their systems are open to Ransomware attacks.

Currently recorded more than 45,000 attacks of the WannaCry ransomware in 74 countries around the world, mostly in Russia.

Image source: Kaspersky

British Prime Minister  Theresa May said, “We are aware that a number of NHS organisations have reported that they have suffered from a ransomware attack. This is not targeted at the NHS, it’s an international attack and a number of countries and organisations have been affected,” May said, referring to the country’s National Health Service.
“The National Cyber Security Centre is working closely with NHS digital to ensure that they support the organisations concerned and that they protect patient safety,” May added.

A official statement from National Health service (NHS)

A number of NHS organisations have reported to NHS Digital that they have been affected by a ransomware attack.
The investigation is at an early stage but we believe the malware variant is Wanna Decryptor.
This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors.
At this stage we do not have any evidence that patient data has been accessed.
NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and ensure patient safety is protected.
Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available.

According to Telegraph, Andrea Zapparoli Manzoni, a senior manager in the Information Risk Management division of Kpmg Advisory in Italy, said: “The ransomware attack is happening in a haphazard fashion and is hitting every country in the world, including Italy.”This particular ransomware contains a vulnerabilty, called Eternal Blue, which was developed in U.S. intelligence circles and was then stolen. That gives you an idea about why the level is risk is particularly high. The aim isn’t to hit any specific country but to strike as widely as possible to make money.”

Hospitals were a prime target, Manzoni said, because “they are very vulnerable to cyber attacks and ready to pay because they cannot afford any shutdowns.”

International shipping company FedEx also gets affected like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware,” a spokeswoman said in a statement. “We are implementing remediation steps as quickly as possible.”
The ransomware, a variant of WannaCry, infects the machine by encrypting all its files and, using the vulnerability MS17-010 using EternalBlue that allows the execution of remote commands through Samba (SMB) and is distributed to other Windows machines in That same network.
As stated in the threat report on Ransomware, making the payment for the rescue of the equipment does not guarantee that the attackers send the decryption utility and / or password, only rewards their campaign and motivates them to continue massively distributing this type of Harmful code
In case of having been affected by this campaign and did not have backups, it is recommended to keep the files that had been encrypted by the sample of ransomware before disinfecting the machine, since it is not possible that in the future a tool appeared That would allow to decipher the documents that would have been affected.
 
The file extensions that the malware is targeting contain certain clusters of formats including:
  • Commonly used office file extensions (.ppt, .doc, .docx, .xlsx, .sxi).
  • Less common and nation-specific office formats (.sxw, .odt, .hwp).
  • Archives, media files (.zip, .rar, .tar, .bz2, .mp4, .mkv)
  • Emails and email databases (.eml, .msg, .ost, .pst, .edb).
  • Database files (.sql, .accdb, .mdb, .dbf, .odb, .myd).
  • Developers’ sourcecode and project files (.php, .java, .cpp, .pas, .asm).
  • Encryption keys and certificates (.key, .pfx, .pem, .p12, .csr, .gpg, .aes).
  • Graphic designers, artists and photographers files (.vsd, .odg, .raw, .nef, .svg, .psd).
  • Virtual machine files (.vmx, .vmdk, .vdi).
Edward Snowden reacts on Twitter

How To Protect?

  • Update your Windows Latest Version now.
  • Backup your files now

Post navigation

Apple and Facebook Behind The Shutting Down of KickassTorrents
Protect Against WannaCry: Microsoft Issues Patch for Unsupported Windows

Related Articles

Austrian Resold Drugs Purchased on The Dark Web

Austrian Resold Drugs Purchased on The Dark Web

- Dark Web News
January 29, 2023
Former Doctor Imprisoned for Attempting to Hire Hitmen

Former Doctor Imprisoned for Attempting to Hire Hitmen

- Dark Web News
January 26, 2023
Counterfeit Oxycodone Vendor “MadHatterPharma” Pleads Guilty

Counterfeit Oxycodone Vendor “MadHatterPharma” Pleads Guilty

- Dark Web News
January 22, 2023
hacker gadgets
hacker phone covers

Recent Posts

DFShell - The Best Forwarded Shell

DFShell – The Best Forwarded Shell

January 30, 2023
APT-Hunter v3.0 releases: Threat Hunting tool for windows event logs

APT-Hunter v3.0 releases: Threat Hunting tool for windows event logs

January 30, 2023
Hackers are exploiting CVE-2023-0558 and CVE-2023-0557 in WordPress plugin

Hackers are exploiting CVE-2023-0558 and CVE-2023-0557 in WordPress plugin

January 29, 2023
Yaralyzer - Visually Inspect And Force Decode YARA And Regex Matches Found In Both Binary And Text Data, With Colors

Yaralyzer – Visually Inspect And Force Decode YARA And Regex Matches Found In Both Binary And Text Data, With Colors

January 29, 2023
Austrian Resold Drugs Purchased on The Dark Web

Austrian Resold Drugs Purchased on The Dark Web

January 29, 2023
SSTImap - Automatic SSTI Detection Tool With Interactive Interface

SSTImap – Automatic SSTI Detection Tool With Interactive Interface

January 28, 2023

Social Media Hacking

SocialPath – Track users across Social Media Platforms

SocialPath – Track users across Social Media Platforms

- Social Media Hacking
October 16, 2019October 16, 2019

SocialPath is a django application for gathering social media intelligence on specific username. It checks for Twitter, Instagram, Facebook, Reddit...

SocialScan – Check Email Address and Username Availability on Online Platforms

SocialScan – Check Email Address and Username Availability on Online Platforms

June 17, 2019
Shellphish – Phishing Tool For 18 Social Media Apps

Shellphish – Phishing Tool For 18 Social Media Apps

June 10, 2019July 27, 2019
WhatsApp Hacking using QRLJacking

WhatsApp Hacking using QRLJacking

May 2, 2019May 19, 2019
How to Hack any Facebook Account with Z-Shadow

How to Hack any Facebook Account with Z-Shadow

April 26, 2019June 29, 2020
hacker buffs

About Us

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Join Our Community!

Please wait...
Get the latest News and Hacking Tools delivered to your inbox.
Don't Worry ! You will not be spammed

Active Members

Submit a Tool

Hackers Handbook 2018


Grab your copy here

ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
  • Contact Us
  • Disclaimer
  • Hacker Gadgets
  • LANC Remastered
  • PCPS IP Puller
  • Privacy Policy
  • Sitemap
  • Submit your Tool
Menu
  • Contact Us
  • Disclaimer
  • Hacker Gadgets
  • LANC Remastered
  • PCPS IP Puller
  • Privacy Policy
  • Sitemap
  • Submit your Tool
Live Chat
RESOURCES
  • Attack Process
  • Become a Hacker
  • Career Pathways
  • Dark Web
  • Hacking Books
  • Practice Your Skills
  • Recommended Courses
  • Simple Setup – Hacker 101
Menu
  • Attack Process
  • Become a Hacker
  • Career Pathways
  • Dark Web
  • Hacking Books
  • Practice Your Skills
  • Recommended Courses
  • Simple Setup – Hacker 101
Get Started
TOOLBOX
  • Anonymity
  • Bruteforce
  • DoS – Denial of Service
  • Information Gathering
  • Phishing
  • SQL Injection
  • Vulnerability Scanners
  • Wifi Hacking
Menu
  • Anonymity
  • Bruteforce
  • DoS – Denial of Service
  • Information Gathering
  • Phishing
  • SQL Injection
  • Vulnerability Scanners
  • Wifi Hacking
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook Twitter Google-plus Wordpress
Please wait...

Join Our Community

Subscribe now and get your free HACKERS HANDBOOK

Don't Worry ! You will not be spammed
SIGN UP FOR NEWSLETTER NOW