Recently a 22-year-old researcher from @Malware TechBlog had discovered a ‘kill switch’ that can disable all the functionality of the Wanacrypt0r 2.0 ransomware. Well, the ransomware attempts to connect to an unregistered domain after operating on victim’s computer.
Here’s How A Security Researcher Accidentally Stopped WanaCrypt0r Ransomware
Earlier this year the hacking group ‘The Shadow Brokers’ decided to give away the hacking tools that were stolen from the NSA for free. Well, the tools can be used to hack computers running on Microsoft Windows.
The malicious software WanaCryptor 2.0 which is also known as WCry is now being used to carry out one of the biggest ransomware attacks of its kind. If you are still unaware about WanaCrypt0r .
Recently a 22-year-old researcher from @Malware TechBlog had discovered a ‘kill switch’ that can disable all the functionality of the Wanacrypt0r 2.0 ransomware. Well, the ransomware attempts to connect to an unregistered domain after operating on victim’s computer.
If the connection takes place, the ransomware closes itself and also stops spreading. That means that as long as the domain was unregistered and inactive, the ransomware keeps expanding itself.
The researcher bought the domain for $10.69. Once the URL went live after purchasing, the whole thing closed down. Now when the code pinged that domain, it turn out to be purchased and then the ransomware deactivated.
The researcher claimed that ‘a bit of analysis’ led him to the discovery of the domain. However, finding the kill switch was accidental. So, eventually, he pulled the plug without even realizing.
So, what do you think about this? Share your views in the comment box below.