Vin Ransomware Blog02

The world had just started recovering from the recent WannaCry Ransomware attack(May 12,2017),whenthe cyber criminals launched another version of a devastating ransomware which spreads 

Please do not be frightened by the spreading of WannaCry. Following are hoax messages circulated regarding WannaCry Ransomware.

This article is in continuation with the previous post, Some more deep investigation has been done which is reported in this article. 

Sample : 593bbcc8f34047da9960b8456094c0eaf69caaf16f1626b813484207df8bd8af

The sample has all the 3 bitcoin addresses hard-coded in the malware. The reason why all the three bitcoin wallet addresses are embedded is to ensure that incase one address cannot proceed the payment the other wallet addresses will be used.

In light to the recent cyber attack of ransomware which goes by the name “WannaCry” has affected more over 99 countries. This attack is believed to use the exploit tool called “ETERNALBLUE” which was leaked from the NSA, by the hacker group called ShadowBrokers. 

Individuals, Institutions, Corporations and Hospitals around more than 99 countries have been affected by a recent ransomware attack know WNCry, WCry, WanaCrypt0r, Wana Decrypt0r Ransomware.