Registering a Domain Accidentally Triggered Ransomware’s Kill Switch

A new and aggressive form of ransomware started infecting computers late last week. The UK’s national Health Service (NHS) and Spanish telco Telefónica were among the most high-profile victims of the WannaCry malware, also known as WanaCrypt0r 2.0.  As bad as the infection was, it could have been much worse if not for a security writer and researcher stumbling upon its kill switch. All he had to do  in order to neuter WannaCry was register a domain.

Like most ransomware, WannaCry is designed to encrypt a user’s important files when it gets a foothold on a new system. This attack was more severe than many others as it made use of a Windows exploit called Eternalblue designed by the NSA. That vulnerability was dumped on the internet several weeks ago by unknown hackers. Microsoft acknowledged that bug and released a patch for older versions of Windows.

Read full news article on Extreme Tech