French researchers claim cure for WannaCry-infected computers
Researchers are struggling to try to find early traces of WannaCry, which remains an active threat in hardest-hit China and Russian Federation, believing that identifying “patient zero” could help catch its criminal authors.
The country is least prepared to tackle the ransomware virus “WannaCry” because of the low level of awareness about malicious software, a senior official looking after West Bengal’s IT security said.
Cybercriminals conducting the ransomware attack leveraged an exploit of Windows – believed stolen from the U.S. National Security Agency – to lock computer files until owners paid $300 in bitcoin digital currency.
In March, the company released a free patch that would have protected computers from the malware. Last Friday, Microsoft finally made the patch available to Windows XP machines free of charge, but the damage has been done.
Microsoft, despite knowing the vulnerabilities present in its PC software, chose to withhold the release of the security patch for a certain section of clients, which were running older (ex: Windows Vista & Windows XP) versions on their company systems, according to Financial Times.
Microsoft is said to have held back a software fix that could have slowed the spread of the WannaCry ransomware on older versions of Windows.
It should be noted that Windows XP is an outdated version of Microsoft’s Windows operating system, which first launched in 2001.
By contrast, the United States accounts for 7 percent of WannaCry infections while Britain, France and Germany each represent just 2 percent of worldwide attacks, Kryptos said. “But this is so far the only workable solution to help enterprises to recover their files if they have been infected and have no back-ups” which allow users to restore data without paying black-mailers.
However, a bug in WannaCry code means the attackers can not use unique bitcoin addresses to track payments, security researchers at Symantec found this week.
However, the two tools only work if the infected computers haven’t been turned off, or rebooted.
While encrypting individual computers it infects, WannaCry code does not attack network data backup systems, as more sophisticated ransomware packages, typically do, security experts who have studied WannaCry code agree. “What we have seen now is only the tip of the iceberg”, the officer cautioned.