WannaCry Malware Analysis
In business today, the most precious assets are computer systems and the data stored in them. Attackers are well aware of this, which is why they can easily make money by holding this data to ransom. As a result, ransomware is constantly on the rise and is threatening businesses. WannaCry is one such ransomware, which recently caused great havoc in many countries, affecting public amenities such as health, in addition to causing huge monetary losses and loss of data. In this paper we analyze WannaCry in detail to understand its architecture, its working, the damage it caused, and how the kill switch worked to stop the damage for some time. We also discuss the precautions to take to stay protected from such ransomware in the future.
Keywords
Ransomware, WannaCry, SMB Vulnerability, Doublepulsar, Bitcoins, TOR.