Friday, May 12, 2017

Equation Group's Exploit is Operating Globally: #WannaCry Ransomware

Wapack Labs is tracking a reported ransomware attack on various countries affecting operations in the health and financial sectors. The malware has been titled: WCry, WannaCry or WanaCrypt0r ransomware. Open source reporting indicates that Russia, Ukraine, Taiwan, Spain, and the United Kingdom are being targeted. CCN-CERT (SP) has confirmed the malware propagates through the leaked Equation Group ETERNALBLUE SMB exploit. Microsoft Security Bulletin MS17-010 details mitigations for this exploit.

Wapack Labs has cataloged and reported extensively on ransomware in the past. An archive of related reporting can be found in the Red Sky Alliance portal.

WWW.WAPACKLABS.COM