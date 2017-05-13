Researchers Find New Version Of WanaDecrypt0r Ransomware Without A Kill Switch (vice.com) 31
Remember that "kill switch" which shut down the WannCry ransomware? An anonymous reader quotes Motherboard: Over Friday and Saturday, samples of the malware emerged without that debilitating feature, meaning that attackers may be able to resume spreading ransomware even though a security researcher cut off the original wave. "I can confirm we've had versions without the kill switch domain connect since yesterday," Costin Raiu, director of global research and analysis team at Kaspersky Lab told Motherboard on Saturday... Another researcher confirmed they have seen samples of the malware without the killswitch.
Re: (Score:2)
Write up a "told you so" as in a root cause analysis.
Re: What hath thou abandoned me, Microsoft?? (Score:1)
It was only a matter of time... (Score:3)
The person who found the previous "kill switch" believes that it was actually an anti-sandboxing feature, not a kill switch.
Re: (Score:2)
can i have a link to where you saw this please?
Re: (Score:3)
Re: (Score:3)
Pretty freakin' neato
We can only hope! (Score:2)
Lets hope that this person is doing this for awareness. and hopefully he makes his point. or else sorry you put a critical on the internet without knowledge of how the internet works.
Re: (Score:2)
I suspect that the perps are doing it for money.
Always follow the money.
This wave... (Score:2)
Is really going to hurt then.. I doubt the world has had time to patch everything...
Re: (Score:2)
Re: (Score:1)
God damnit (Score:3, Funny)
I've tried everything to get this to run on my Linux Mint box (including installing WINE) and it just won't do anything.
Re: (Score:1)
I've tried everything to get this to run on my Linux Mint box (including installing WINE) and it just won't do anything.
Surely you are familiar with stuff not working on a Linux box ?
It's part of the hobby to experience such things, n'est ce pas ?
Re: (Score:2)
Clearly you need a VM to experience the full goodness of Microsoft's SMB implementation..
I am diabling SMB v1 (Score:2)
Even though my main machine is mac, and my bootcamp and windows secondary machine are on Win10 and Fully patched, and my synology NAS has SMB v1 disabled, I may as well disable SMBv1 across the whole fleet.
God have mercy on all morons who are still running unpatched machines...
It's All About ROI (Score:2)
It's not like most IT departments don't know these vulnerabilities exist, and there are many common reasons, some common ones being:
A) Code written under a very tight schedule, where getting working code operational is the number one target, and the team expects to tighten up the security later but never does.
B) Legacy code written before this type of security was much of a concern.
The main problem with preventing this kind of thing is the Bean Counters. Generally, they will do a calculus of the possibility
Shocking! (Score:2)
It's almost as if someone saw this coming. [slashdot.org]