New Kill-Switch, New Sinkhole
Check Point Threat Intelligence and Research team has just registered a brand new kill-switch domain used by a fresh sample of the WannaCry Ransomware.
In the last few hours we witnessed a stunning hit rate of 1 connection per second.
Registering the domain activated the kill-switch, and these thousands of to-be victims are safe from the ransomware’s damage.
Our research shows that the kill-switch works the same as in earlier versions, and the rest of the code is similar to the older versions.
New kill-switch: ayylmaotjhsstasdfasdfasdfasdfasdfasdfasdf[.]com
MD5: 4287E15AF6191F5CAB1C92FF7BE8DCC3
You may also like
Navigating the Evolving Threat Landscape Ahead of Black Friday
As Thanksgiving and Black Friday approach, so do the risks ...
Spotlight on Iranian Cyber Group Emennet Pasargad’s Malware
Executive Summary On October 21, 2024, multiple emails impersonating the ...
Hamas-linked Threat Group Expands Espionage and Destructive Operations
Check Point Research has been monitoring the ongoing activities of ...
October 2024’s Most Wanted Malware: Infostealers Surge as Cyber Criminals Leverage Innovative Attack Vectors
Check Point Software’s latest threat index reveals a significant rise ...