Wcry

Malware updated 23 days ago (2024-11-29T13:35:15.505Z)
Download STIX
Preview STIX
WCry, also known as WannaCry or WanaCryptor, is a self-propagating ransomware that was one of the most disruptive cyber attacks in history. This malware was a product of a North Korean cyber operation aimed at financial gain. The ransomware spreads through internal networks and over the public internet by exploiting a vulnerability in Microsoft’s Server Message Block (SMB) protocol, MS17-010. Once it infects a system, it encrypts data files, appends them with the .WCRY extension, drops and executes a decryptor tool, and demands $300 or $600 USD (via Bitcoin) to decrypt the data. The latest version of this ransomware variant was discovered on the morning of May 12, 2017, by an independent security researcher. The malware spread rapidly within several hours, with initial reports beginning around 4:00 AM EDT, May 12, 2017. It initially targeted Russia but quickly spread globally to at least 74 countries, affecting various industries including telecommunications, shipping, car manufacturing, universities, and healthcare. This attack underscores the potential damage that can be caused by such malicious software. WCry variants were observed demanding Bitcoin payments equivalent to $300 and $600, showcasing the financial motivation behind the attack. It's crucial for organizations to protect their systems against such threats through robust cybersecurity measures, including regular updates and patches, to prevent exploitation of vulnerabilities like the one used by WCry.
Description last updated: 2024-05-04T19:15:26.482Z
What's your take? (Question 1 of 1)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
WannaCry is a possible alias for Wcry. WannaCry is a notorious malware that gained global attention in 2017 when it was responsible for the biggest ransomware attack to date. The malware, designed to exploit and damage computer systems, infects systems through suspicious downloads, emails, or websites. Once inside a system, WannaCry can
2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the Wcry Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more