WannaCry - Ransomware
The ransomware uses exploits leaked by the Shadow Brokers and has infected a large number of computers including those in the government, telecom, and educational sectors. Files are encrypted denoted by the .WNCRYT extension. The bounty for WannaCry ranges from $300 to $600 but payments may not be uniquely associated with a system. The initial variants of WannaCry no longer encrypts if the sample can resolve an external DNS which is held by security researchers.Related Threats
Exploit Kits
Campaigns
Vulnerabilities
- CVE-2017-0146^/content/enterprise/en-us/threat-center/threat-landscape-dashboard/vulnerabilities-details.cve-2017-0146.html
- CVE-2017-0148^/content/enterprise/en-us/threat-center/threat-landscape-dashboard/vulnerabilities-details.cve-2017-0148.html
- CVE-2017-0143^/content/enterprise/en-us/threat-center/threat-landscape-dashboard/vulnerabilities-details.cve-2017-0143.html
- CVE-2017-0145^/content/enterprise/en-us/threat-center/threat-landscape-dashboard/vulnerabilities-details.cve-2017-0145.html
- CVE-2017-0144^/content/enterprise/en-us/threat-center/threat-landscape-dashboard/vulnerabilities-details.cve-2017-0144.html