Skip to content
Naked Security Naked Security

The WannaCrypt ransomware scam – what you need to know [PODCAST]

A hoax about ransomware called "WannaCrypt" has been widely spammed out. But is an attack of this sort technically possible?

A cybersecurity scare about ransomware called “WannaCrypt” has been widely spammed out.
The threat was pretty blunt, and boiled down to this: “We’ve infected your computer with disk-wiping malware that will detonate and destroy your data at X o’clock tomorrow. Pay us $650 in bitcoins before that time and we’ll send you a cleanup tool that will stop the malware before it does any damage.”
This one, fortunately, is a scam – there isn’t any malware – but the attack that the crooks describe could, in theory, be pulled off.
In this Sophos Security SOS podcast, Sophos experts Matt Boddy and Paul Ducklin investigate, and explain what to do.

LISTEN NOW

(Audio player above not working? Download MP3, listen on Soundcloud or access via iTunes.)

If you enjoy our podcasts, please share them with other people interested in security and privacy, and give us a vote on iTunes and other podcasting directories.

Further reading

Listen and rate via iTunes... Sophos podcasts on Soundcloud... RSS feed of Sophos podcasts...

4 Comments

If I had received a threat like this without a tip like the above, I would use the 24 hours as follows:
1) Take a disk image backup
2) Take a regular backup image
3) Take a backup of all user-created files and an inventory of all installed software
If the malware were real and erasure (not erasion) took place, I’d try to restore from (1). If that reloaded the malware, I’d try (2). And if that failed, I’d (3) reload the OS and all my applications and files.
The flaw in this scam is the 24 hours notice. Too easy to safely hide your stuff away.

I like your style Laurence!
Certainly good advice to anyone concerned by an email threat of this style.

have fwd suspect emails to
‘is-spam@labs.sophos.com’
still active?
was it usefull?
is it still usefull?
thanks
i’d like to still stay safe and secure

Yes, please keep sending stuff – you can use:
is-phish@sophos.com
is-spam@sophos.com
You won’t get a reply, I’m afraid – there’s just too much traffic to respond to every submission – but it helps everyone else so we are happy to receive your submissions. It’s a great way of helping the community.

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?