Tech Specialists across the world are scratching their heads as the largest cyber-ransom attack wreaks havoc around the globe.
The ongoing global cyber attack is infecting computers and encrypting data, locking users and network administrators out of systems and demanding 300 bitcoins per machine to release the data.
Typically the virus will make its way in to a network via phishing scam emails. When a networks user opens the email and clicks the link it launches an executable file that installs the malware on to the user’s computer and begins the process of encrypting data and locking the user out of the system.
“White Hat” hackers are speculating that certain bits of the code used by this sophisticated attack come directly from leaked C.I.A. hacking tools that were recently auctioned off by a group of hackers known as “The Shadow Brokers”.
Once the virus makes its way in to a network it begins to replicate and infect other computers on the system.
It is said that the virus is exploiting a flaw in the Windows Operating System that was recently exposed when leaked NSA documents hit the web as well, making it easier for the virus to jump around networks.
This is very similar to systems that were developed by the C.I.A. which were publicized by Wikileaks Vault7 releases. The C.I.A. has lost control over its own hacking tools and it would seem that “Black Hat” hackers have devised ways to implement these tools code into their own projects.
Microsoft has released a security patch for Windows XP even though the company hasn’t provided support for its old operating system for 3 years. It is believed that machines running Windows XP are more susceptible to the virus. India and Russia are being hit the hardest as Windows XP is still a popular operating system in those countries. Microsoft is also providing patches for Windows 8 and Windows Server 2003.
130,000 thousand networks in over 100 countries are being hit by the cyber-ransom virus.