Questions tagged [wannacry]
40 questions
250 votes, 10 answers
How is the "WannaCry" Malware spreading and how should users defend themselves from it?
There's a new strain of attacks which is affecting a lot of systems around the world (including the NHS in the UK and Telefonica in Spain) which is being called "WannaCry" amongst other names.
It seems to be both a standard phishing/ransomware…
Rory McCune
65 votes, 3 answers
What happens if you run WannaCry after installing the necessary patches?
I understand that WannaCry spreads itself by exploiting the SMBv1 vulnerability, which is fixed by patch MS17-010.
Does this mean that even with the patch installed, WannaCry can still infect the computer--if the user downloads and executes it--but…
Lh Lee
26 votes, 3 answers
Does WannaCry infect Linux?
After reading this question, now, I am wondering if WannaCry malware can infect Linux OS especially Ubuntu.
One of the answers talked about SMB2 and windows. Does it mean a Linux based computer is safe? (Beside the side effects, Wine, and being a…
rajab
16 votes, 1 answer
How does the EternalBlue Exploit Work?
I've casually googled for explanations on how exactly the EternalBlue exploit works but, I suppose given the media storm about WannaCry, I've only been able to find resources that at best say it's an SMB exploit. I get that there was a bug in…
butallmj
15 votes, 4 answers
Has anybody successfully decrypted their files after paying the WannaCrypt ransom?
WannaCrypt is a shot heard 'round the world, for sure.
I have seen news articles saying that people have paid more than $20,000 in ransoms. Here's one from Krebs: Global ‘Wana’ Ransomware Outbreak Earned Perpetrators $26,000 So Far
But my question…
SDsolar
8 votes, 2 answers
Does Wannacry spread outside its private subnet to adjacent private subnets?
Does a Wannacry-infected computer on an internal network with a private IP address attempt to spread to other privately-addressed subnets?
I have not found a definitive answer online.
Cisco says:
The first thread checks the IP address of the…
Stephen Craven
6 votes, 3 answers
Spectre and Meltdown being used in large scale attack on unpatched systems
Do we have to be worried about Spectre and Meltdown being used for a large scale attack like Wannacry? Even though the patches coming out are being deployed to most recent systems, there will inevitably be A LOT of systems that won't be patched.…
A. C. A. C.
5 votes, 2 answers
Are we safe from infection of Bad Rabbit?
I'm doing an assessment on the potential outspread of Bad Rabbit in our organization. Our staff do not have admin privileges on their host machines. We have also blocked the IOCs. Am I safe to say without admin privileges, the ransomware wouldn't be…
George
5 votes, 1 answer
What happens if a Dropbox folder is encrypted by WannaCrypt / WannaCry?
Does one's Dropbox "data in the cloud" also get encrypted?
thanks_in_advance
5 votes, 2 answers
Does EMET prevent WannaCry exploit execution?
Based on answers to the question How is the “WannaCry” Malware spreading (...), I understand it leverages vulnerabilities present in the SMB implementation. Assuming an unpatched and otherwise vulnerable system, would EMET (properly set-up to…
Marc.2377
5 votes, 1 answer
How to reverse engineer WannaCry?
I was reading an article today about a Google researcher linking the WannaCry malware to the earlier malware Cantopee.
I had two primary questions based on the contents of the article.
What do the numbers/addresses represent in this image?
Can…
mdo123
4 votes, 1 answer
Why was the NX bit unable to stop WannaCry?
I'm working on a presentation to give to high school computer science students where I work as a volunteer. Part of the presentation is on local and network exploits. I am planning to talk about a story where years ago I was able to get root…
Shaun Miller
4 votes, 1 answer
WannaCry Source Code
Maybe this is a stupid question: Is the WannaCry source code public?
https ://github.com/svenvdz/wannacry
https: //github.com/Hackstar7/WanaCry
https: //github.com/fadyosman/WannaCrySample
I didn't really find anything on github or google. Is the…
user157308
4 votes, 0 answers
What does Memory Scanning refer to in the Context of Malware Detection Wanna Cry
When reading https://www.zionsecurity.com/sites/default/files/what_to_expect_from_your_antivirus.pdf
It mentions:
It is almost impossible to protect against new malware that will use
the EternalBlue exploit to propagate except when using…
ilikeyoyo
4 votes, 1 answer
How can Malware authors be determined?
My question is:
How can we make any conclusions about malware authors at all, when anyone could just get sample malware online, copy paste the parts they like, and add their own parts to it?
Obviously there are many types of malware this question…
PositriesElectron