THE W@R10CK

Wannalocker: Android Users Wanna'Cry'. After the terror we saw with the dangerous Wannacry ransomware, another ransomware is on play. Unlike the wannacry, those ransomware is specialized for infecting android phones. Although, now the attack is spread only among Chinese users. Connection to Wannacry When it infects, the message screen coming by may scare you. Because it has a most familiar look we all saw presently. That’s why it is called as a Copycat of Wannacry Ransomware. Also the security company Avast named it as “wannalocker”. But the point is, the ransomware could spread havoc among the infected people and it can easily get famous. Only the name is enough, WANNACRY. We can understand that the attacker expects a quicker transfer of money. That might be the reason why the attacker decided to design the message screen display to look alike wannacry. [caption id="attachment_3655" align="aligncenter" width="422"] wannalocker display photo: avas...

We all know about the panic made by the infamous ransomware worm wannacry. It hit more than 3lakhs of systems within 72 hours. The latest reports says that there are some errors found in the wannacry code and it might allow the victims to restore the files without any decryption keys. Senior researcher at security company kasperkey lab Anton Ivanov, along with his team mates’ fedor sinitsy and orkhan mamedov explained thursday that some critical errors in the code made by wannacry developers. They made mainly 2 types errors. While deleting the original file. While processing the read-only files. By utilizing these errors, the victims can restore their files using just a recovery software. 1.Error in the removal logic When wannacry encrypts a file it first reads the original file, encrypts it and save it to an extension .WNCRYT. Then it moves to another extension .WNCRY and deletes the original file. Our issue resides in this area that is in the way the ransomware deletes the orig...

What is Ransomware? Ransomware is a malicious software that carries out the cryptoviral extortion attack from cryptovirology that blocks access to data until a ransom is paid and displays a message requesting payment to unlock it. Simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse. More advanced malware encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. The ransomware may also encrypt the computer's Master File Table (MFT) or the entire hard drive. Thus, ransomware is a denial-of-access attack that prevents computer users from accessing files since it is intractable to decrypt the files without the decryption key. Ransomware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file. How Does Ransomware Work? Ransomware gains access to a computer the same way as any kind of virus or computer worm - either through getting the user to ...