A hero stops one of the world’s largest malware attacks at a cost of $10.69
Yesterday the world was under a malware attack. Today, it’s not. Thanks to one do-gooder, that didn’t realize he was doing good.
The malware, which we reported on yesterday is a form of ransomware with possible NSA origins. The attack is unprecedented in nature, with many large scale victims. From the UK’s National Health Service, to FedEx, it is not just the affected computer’s owners that are under attack, but those that depend on services provided by them.
A security researcher who is choosing to only be identified by malwaretechblog stumbled upon the cure for this itch. The researcher was on vacation when he heard of the attack, and found himself some code to start looking in to. He noticed that the malware was sending out a request to a URL that didn’t exist. When the malware would find that it couldn’t connect with the URL, it would go about infecting computers. The researcher bought the domain for a fee of $10.69 so that he could see what the malware was sending to the domain. He quickly found that this domain served as a kill switch for the attack.
Once the malware sent it’s request to the new website malwaretechblog had created, the malware just stopped dead in it’s tracks. Unfortunately, infected computers are still infected. While the kill switch stopped the spread of the malware, it does nothing to cure the infection that already exists. One thing we can be sure of, is that there will be further strains of this malware, and others like it. malwaretechblog is a hero today, who will be a hero tomorrow?