Ransomware is the program that is designed to corrupt the user files on their PC. Previously we have discussed some Ransomware virus facts and its prevention measures. But today we are going to learn about a new type of ransomware that is rapidly attacking the different organisations of the world. I am talking about the malicious Ransomware WannaCry.
Wanna Cry Ransomware has attacked more than 150 countries of the World. Actually, ransomware takes advantages of the security holes in the operating system.
Wanna Cry also took the advantage of a similar security bug in
Microsoft's Windows Operating system. Wanna Decryptor is a Trojan virus that locks or corrupts the files on the users PC and the attackers ask some big ransom to provide you the original files.
What is Wanna Decryptor?
Wanna Decryptor is not a different thing it is just other name of WannaCry Ransomware. As you know that ransomware corrupts the data files of the user PC, but WannaCry Ransomware is very different It locks down all the files of any PC and leaves only two file. These files only contain the instructions to unlock the corrupted files by paying the ransom amount. The attackers ask the payment through Bitcoin only. See the image below to know more.
The error is shown and a time limit is given to user. The warning states that "If the user failed to provide the ransom amount within the time limit then his/her files would be permanently deleted".
Whom does WannaCry Ransomware affects?
Windows Operating system users has been affected the most. MacOS and Linux OS users are pretty safe. It's just because WannaCry has been designed keeping the Windows security bug in mind. Mac users has also been affected by ransomware but WannaCry is not for Mac. Learn
how to get rid of virus and ransomware on Mac operating system.
Is Mobile SmartPhone Safe from Wanna Decryptor
Yes Mobile Phone are truly protected. WannaCry virus only attack Windows OS system computers and PC. Mobile phones and other terminals will not be attacked. Unix, Linux, Android, iOS and other systems would not be affected by Wannacry Ransomware. Please do not panic and don't listen to the rumors.
How and who created WannaCry Ransomware
National Security Agency(NSA) US found "
EternalBlue" security hole that was publicly released by a hacker group named
Shadow Brokers.
WannaCry trojan make use of this bug discovery. WannaCry is created by some unknown hackers.
Symptoms of extortion Wanna Cry Trojan infection
The most common symptoms that shows that you are attacked by
Wanna Cry virus are
- Your computer desktop background is modified.
- You files are encrypted and locked with the .wcry , .wncryt , .wncry , and .wnry extensions.
- The virus pops up tips are shown to the users that explains, how to decrypt your file by paying ransom.
- Restarting the Computer shows the blue screen error the boot up of Windows OS fails.
These are some of the main symptoms of WannaCry that are mainly experienced by many users.
How to protect yourself from WannaCry Trojan?
Firstly you need to update to a most recent security patch updates released by
Microsoft.
Here is the link to Microsoft's Customer Guidance for WannaCrypt attacks. Some Important tips to deal with WannaCry Ransomware to remain protected are mentioned below.
- Please make sure you back up all the important files in other system or hard-drive.
- Attacker Can't attck your PC without you. They want the users to download the malicious file to their Computers in order to spread.
- Common attacks of WannaCry virus are through malicious emails, websites and many adult sites. Never try to open any website and download any content from an unknown an non trusted sites.
- Try not to click on the links rather type it yourself into address bar. Never ever open any untrusted email links.
- Software and Apps should be downloaded from the site with HTTPS. Check out whether the site is https protected or not.
- If you are using any anti-virus please update it to latest security patch if available. Here is how to Choose a good Antivirus which can protect your PC effectively.
- If you got hit by Wanna Cry Ransomware then immediately turn off your PC and remove the Internet connection. If you are in a local network then try to Shut down the network or remove the affected PC from the Network.
What if my PC/computer is infected with WannaCry?
No such permanent fix has been created yet that can fix the WannaCry ransomware. But experts are trying hard to find the solution to fix and purge the Wanna cry virus. Decryption of the affected files is not really possible for now and no software is designed for that purpose. If you find some tools that can decrypt the affected file, please tell everyone about it in the comment box below.
The only thing that would help you here is the Backup of your PC. If you have the backups of your data available then you can apply the backup and restore your system back.
There are some tools and software available online that claims to recover the files that are WannaCry corrupted. But you must take precaution before downloading anything that may put you in the greater risk. Download such software at your own risk.
Does paying the ransom helps in recovering WannaCry affected files?
According to the Experts, It is not necessary that the attackers would provide the decoding mechanism or decryption key after the ransom payment. So Paying is not a solution to get rid from WannaCry malware. Paying the attacker would help them become more powerful and would encourage them to do more such harms in future.
Usually attackers are asking for $300 to $1500 through Bitcoin to decrypt the files. But here money is not so Important, trust is important. You cannot trust the people who have corrupted your data.
Types of files affected by Wanna Decryptor
WannaCry Ransomware can corrupt all the major types of file format that a normal users uses. Below mentioned files are some of the common files that get affected by this WannaCry trojan.
3g2 , 3gp , 7z , ARC, asp , avi , backup , bak , bat , bmp , class , cmd , cpp , crt , csv , db , djvu , doc , docb , docm , docx , dot , flv , gif , iso , jar , java , jpeg , jpg , mid , mkv , mov , mp3 , mp4 , mpeg , mpg , msg , pdf , pem , pfx , php , pl , png , ppt , pptx , psd , rar , raw , rtf , sql , sqlite3 , sqlitedb , stc , std , svg , swf , tar , tbk , tgz , txt , vbs , vcd , vmx , vob , wav , wma , wmv , xlm , xls , zip
These are just some of them, there are lot more types of file format that can be locked by WannaCry.
Conclusion
WannaCry, as the name suggest would make you cry if your are not prepared for it. WannaCry has affected a large population of many countries like INDIA, US, UK, Scotland, Ireland, China, Pakistan, Afghanistan, Canada, Brazil, South Africa, Iran, Australia and many others. Which gives the indication that this virus is not a easy to tackle. So if you
don't Wanna Cry then please make sure your are updated enough and aware enough to fight this malware that is spreading rapidly all over the world.
It would be interesting to know "
How the Cyber Securities tackle this WannaCry Ransomware". If you know something else related to Wanna Decryptor that can help others and me, Please add it to the comment section below. And Remember
Never ever Pay for recovering the files that you lost if you got attacked. As this would also hurt you financially, if you didn't get what you need. Wait for the cure to come. Thank you for reading this article.