New Kill-Switch, New Sinkhole

ByCheck Point Threat Intelligence and Research team

Check Point Threat Intelligence and Research team has just registered a brand new kill-switch domain used by a fresh sample of the WannaCry Ransomware.

In the last few hours we witnessed a stunning hit rate of 1 connection per second.

Registering the domain activated the kill-switch, and these thousands of to-be victims are safe from the ransomware’s damage.

Our research shows that the kill-switch works the same as in earlier versions, and the rest of the code is similar to the older versions.

New kill-switch: ayylmaotjhsstasdfasdfasdfasdfasdfasdfasdf[.]com

MD5: 4287E15AF6191F5CAB1C92FF7BE8DCC3

AI Attacks Are No Longer Experimental: Key Findings from the March-April 2026 AI Threat Landscape

Between late December 2025 and mid-February 2026, Gambit found that ...

Exposure Management May 18, 2026

Hacktivists, Ransomware, and a 124% Surge Across DACH

Hacktivism and ransomware targeting organizations across Germany, Austria, and Switzerland ...

Research May 14, 2026

Before the First Whistle: How Cyber Criminals Are Targeting World Cup 2026

The FIFA World Cup 2026 is one of the most anticipated sporting ...

Research May 13, 2026

When the Ransomware Gang Gets Hacked: What the Gentlemen Leak Reveals About Modern Ransomware Risk

Key Findings The Gentlemen RaaS has 400+ public victims and ...

You may also like

AI Attacks Are No Longer Experimental: Key Findings from the March-April 2026 AI Threat Landscape

Hacktivists, Ransomware, and a 124% Surge Across DACH

Before the First Whistle: How Cyber Criminals Are Targeting World Cup 2026

When the Ransomware Gang Gets Hacked: What the Gentlemen Leak Reveals About Modern Ransomware Risk