The infamous Wannacry blackmailer virus has now been changed and is spreading in new versions.
The extortion software, which encrypts all data on an infected computer and only releases it again against payment of a ransom, makes use of a security hole in the Windows operating system. Over 200,000 computers worldwide are affected and paralyzed. By chance, a kill switch was found in the first version of the Wannacry virus and the first wave was stopped.
Unfortunately, the fears of many security experts have proven to be correct, and several new, modified versions of the malware are now in circulation. Some of them without the kill switch, i.e. without the possibility of switching it off again.
One of the more dangerous new flavors is called Uiwix and it exploits the same security flaw in Windows for proliferation. Since the encrypted data, which is “held hostage” in this case, was given the ending .uiwix, this is how the name of this virus variant came about.
Affected users are sent in a text to websites in the Tor network, where information is available on how to rescue the data. The ransom per computer is ~ 192 euros and is required in bitcoins.
Authorities and IT experts are now looking for the perpetrators of the aforementioned attack worldwide. A New York Times report suggesting links to North Korea has not yet been confirmed. The background to this assumption is the existence of a code snippet within Wannacry. The lines of code were also used in an earlier cyber attack by the Lazarus hacker group. However, so far these are all just rumors.
A few brief tips on how you can protect yourself from the Wannacry virus:
- Be careful with email attachments of any kind. Most of the blackmail viruses infiltrate themselves as email attachments. Deactivates the macro function for documents that you download from the Internet.
- Data backup - Regular backups minimize data loss
- Use the latest software. Older software, including operating systems such as Windows XP, are no longer updated and security gaps remain.
- A current virus scanner