WannaCry – New Kill-Switch, New Sinkhole

 
Check Point Threat Intelligence and Research team has just registered a brand new kill-switch domain used by a fresh sample of the WannaCry Ransomware. In the last few hours we witnessed a stunning hit rate of 1 connection per second. Registering the domain activated the kill-switch, and these thousands of to-be victims are safe from the ransomware’s damage. Our research shows that the kill-switch works the same as in earlier versions, and the rest of the code is similar to the older versions. New kill-switch: ...

WannaCry – Paid Time Off?

 
Let us open with a TL;DR – DO NOT pay the ransom demanded by the WannaCry ransomware! Now, let us explain why: As of this writing , the 3 bitcoin accounts associated with the WannaCry ransomware have accumulated more than $33,000 between them. Despite that, not a single case has been reported of anyone receiving their files back. The decryption process itself is problematic, to say the least. Unlike its competitors in the ransomware market, WannaCry doesn’t seem to have a way of associating a payment to the person making it. Most ransomware, such as Cerber, generate a unique ID and bitcoin wallet for each victim and thus know who to send the decryption keys to. WannaCry, on ...