Ransomware Attack Nets $50K (So Far)

Crime, News | May 15, 2017 By:

A London firm estimates the total of ransom paid to hackers from the worldwide cyber-attacks underway is about $50,000 USD as of Monday, May 15.

Elliptic Enterprises Ltd., a company that tracks bitcoin use, calculated that sum by tracking bitcoin addresses specified in ransomware demands. However, the total is expected to rise as the 72-hour deadline imposed on those affected as of Friday, May 12 gets near.

The attackers have requested $300 to de-crypt files infected by ransomware. If the initial deadline passes, the ransom request would double. Beyond seven days, the files would be permanently locked.

While some IT teams struggle to find a solution, other companies face a more basic problem, according to reports – they haven’t previously obtained bitcoin and find it difficult to follow the procedures needed to get them.

Hackers apparently are exploiting a Windows vulnerability using tools obtained from another hacker group called The Shadow Brokers. The Shadow Brokers claim to possess hacking tools stolen from the US National Security Agency (NSA). Microsoft issued a security patch for the alleged vulnerability in March, but not every system may have installed the upgrade.

Hospitals, utilities, phone companies and universities are among those reportedly affected by the outbreak, and delivery giant FedEx issued a comment indicating that it, too, had been hit in several unspecified territories.

Jakub Kroustek, Threat Lab Team Lead at cyber-security firm Avast, blamed the WanaCryptor 2.0 for the ransomware.

Kroustek also said the machines being targeted have either not been updated to include a patch or are PCs running Windows XP, which are not supported anymore. “Avast detects all known versions of WanaCrypt0r 2.0, but we strongly recommend all Windows users fully update their system with the latest available patches.”