Wcry

WCry, also known as WannaCry or WanaCryptor, is a self-propagating ransomware that was one of the most disruptive cyber attacks in history. This malware was a product of a North Korean cyber operation aimed at financial gain. The ransomware spreads through internal networks and over the public internet by exploiting a vulnerability in Microsoft’s Server Message Block (SMB) protocol, MS17-010. Once it infects a system, it encrypts data files, appends them with the .WCRY extension, drops and executes a decryptor tool, and demands $300 or $600 USD (via Bitcoin) to decrypt the data. The latest version of this ransomware variant was discovered on the morning of May 12, 2017, by an independent security researcher. The malware spread rapidly within several hours, with initial reports beginning around 4:00 AM EDT, May 12, 2017. It initially targeted Russia but quickly spread globally to at least 74 countries, affecting various industries including telecommunications, shipping, car manufacturing, universities, and healthcare. This attack underscores the potential damage that can be caused by such malicious software. WCry variants were observed demanding Bitcoin payments equivalent to $300 and $600, showcasing the financial motivation behind the attack. It's crucial for organizations to protect their systems against such threats through robust cybersecurity measures, including regular updates and patches, to prevent exploitation of vulnerabilities like the one used by WCry.