This is a quick and dirty website used to track the profits made by the WannaCry ransomware. Based on a Python script written by sp4rk2.
WannaCry is a type of malware that encrypts your files and prevents access unless a large sum of money is paid within a certain amount of time. Cybersecurity calls this a ransomware attack.
Click here to be taken to the Wikipedia article about WannaCry
WannaCry is significant because it utilizes a Windows SMB exploit (EternalBlue) originally written by the United States National Security Agency for counterterrorism operations. The exploit was disclosed to the general public through a leak by a group known as the Shadow Brokers. The fact that WannaCry exploits a vulnerability that was purposefully withheld by a military organization of the United States is particularly noteworthy.
- Make sure to keep Windows up to date. Microsoft has released patches for all supported versions of Windows, as well as an out of cycle patch for Windows XP and Windows Server 2003.
- It should be noted that the Windows XP/2003 patches are an exception. Windows XP is still otherwise unsupported by Microsoft and should not be used except in cases where upgrading is not feasible. Windows Server 2003 is also unsupported and should not be used at all except under the most extreme circumstances.
-
Backup your files regularly. Services such as BackBlaze, Microsoft OneDrive, and MEGA offer large amounts of storage space for either free or very low cost. Offline storage such as external hard disks, thumb drives, and burnable disks are even better.
-
Learn how to recognize emails that either sound off or are from addresses you don't recognize. WannaCry and other ransomware malware programs usually spread through social engineering attacks targeting large corporations. They typically involve clicking on a bad attachment coming from a compromised email address. Just be aware of what files people are sending you and these viruses can be stopped before they even reach your computer.
Since the ransom is apparently being paid by a significant number of victims, I felt it necessary to provide a better way of both tracking the profits being made by the malware as well as hopefully illustrate why paying the ransom only legitimizes the hack.
- Post an issue in the issues section here on GitHub. I will be automatically notified of your post by email.
- Drop me an @ reply or direct message (DM) on Twitter. My handle is @dabockster.
- Drop me an email directly at [email protected].