A new type of ransomware called "WannaRen" has recently appeared on the Internet. It behaves similarly to the infamous "WannaCry" and encrypts almost all files in the Windows system.
The suffix of these encrypted files is ".WannaRen", and the hackers demanded a ransom of 0.05 bitcoins.
At present, there are two variants of the virus, the difference is only to send ransom information through text or pictures. The language is in traditional Chinese, and the bitcoin addresses are the same. So it can basically be determined that the authors are the same.
According to the feedback from Baidu Tieba and the 360 community, China's popular anti-virus software 360 Safe and other anti-virus software did not report the virus during the infection. The computer was still infected after manual antivirus operations.
Some users have reported that the system will still be infected after installing the Microsoft "Eternal Blue" patch.
In addition, according to the updated information from a blogger named Arision.Y on Zhihu, China's equivalent of Quora, the virus is not using the eternal blue vulnerability. So most antivirus software cannot intercept it. Only Norton can intercept (not wide) but the network requirements are higher.
At present, Windows 7 is immune but there is no damage from pop-up windows. Users of Windows 10 has confirmed that there are damages.
In 2017, the "WannaCry" ransomware infected at least 150 countries with 300,000 computers, causing economic losses of $8 billion, affecting many industries such as finance, energy, and medical care, and causing a serious crisis to social and livelihood security.
Leave a Reply