WannaCry Leaves Researchers With Big Questions

The WannaCry malware that spread globally over the past weekend has cybersecurity researchers puzzled on a number of levels. How it all began, how the malware spread so rapidly and why it hasn’t been particularly profitable for the cybercriminals involved are all open questions.

There are many theories, according to a report from Reuters, but few definitive answers.

The main question on researchers’ minds is how exactly WannaCry spread. Many malware attacks spread via phishing emails containing malicious links or attachments. Once someone within a network clicks on the link or opens the attachment, the malware propagates.

So far, no evidence of an initial infecting email has been found, said IBM Security’s Caleb Barlow, even after looking through the company’s database of over 1 billion emails dating back to the beginning of March.

“It’s statistically very unusual that we’d scan and find no indicators,” Barlow told the newswire. “How the hell did this get on there, and could this be repeatedly used again?”

Other researchers agree. “Right now there is no clear indication of the first compromise for WannaCry,” said Budiman Tsjin of RSA Security, a part of Dell.

Other companies, such as enterprise cybersecurity provider FireEye, told the newswire that some of their customers found phishing emails, noting, however, that WannaCry relied less on this inciting factor and more on Microsoft’s vulnerability to spread within any given network.

Then, of course, there’s the issue of payment itself. Relative to its effect, WannaCry hasn’t been very profitable for the attackers.

According to live data from Elliptic Enterprises, a London-based company that tracks illegal bitcoin use, as of Tuesday (May 16), the total amount of ransom paid out to the three bitcoin wallet addresses known to be associated with the WannaCry fraudsters had totaled just over $71,600 (about 40.4 bitcoin).

That’s a fraction of what smaller malware campaigns have managed to raise and significantly less than what it could have brought in.
