Last Friday, a strain of ransomware called WannaCry began infecting computers in NHS hospitals in the United Kingdom, before spreading to attack systems in 150 countries around the world. A 22 year old hacker came to the rescue, shutting down a huge number of attacks — but he has since stated that the fix he came up with happened entirely by accident.
The cyber security researcher, who tweets anonymously under @MalwareTech, discovered that buying a web address for less than $10 was all it took to stop the virus from taking files “hostage.”
Here’s how it works. When WannaCry infects a new computer, it attempts to contact a remote web address. If it can’t connect to that address, it begins plundering the computer. But if it can reach that link, the programme simply shuts down. It’s believed the creator of WannaCry built this into the programme as a failsafe.
Once MalwareTech realised that WannaCry’s destination address was unregistered, they swiftly purchased the domain — although they admit to initially being “unaware” that doing so would stop the malware. They tweeted later that they can add “accidentally stopped an international cyber attack” to their resumé. Since stumbling onto the solution, the hacker has been hailed as an “accidental hero.”
MalwareTech has registered thousands of domains over the last year in their work combating cyber security threats, but warns that future fixes may not be quite so simple. Darren Huss of cyber security firm Proofpoint has also stated that, due to the relative simplicity and ease with which WannaCry spread, we can expect to see repeat attacks or copycat offenders “very soon.”
to News Alerts