时间:2025-04-03 17:15:46 来源:网络整理编辑:探索
When it comes to online currency, lulz just might outvalue Bitcoin. A unknown group of hackers is wo
When it comes to online currency, lulz just might outvalue Bitcoin.
A unknown group of hackers is working behind the scenes to restart the ransomware WannaCry, and one security expert believes the culprits this time around aren't who you think.
And neither is their motivation.
SEE ALSO:It won't be easy for WannaCry hackers to get their cashContrary to what you might expect, it appears not to be the initial group responsible for WannaCry now working to startle the ransomware monster awake from its slumber. Rather, we may have some internet randos to thank.
Why? The leading theory, proposed by security researcher Marcus Hutchins, suggests it's all about shits and giggles.
WannaCry rushed onto the international scene on May 12, infecting and encrypting hundreds of thousands of computer systems running unpatched Windows operating systems. The ransomware demanded that victims pay around $300 in the cryptocurrency Bitcoin to their attackers if they ever wanted to see their files again.
"Yeah, it's most likely scriptkiddies doing it for lulz."
Some paid up, but computers stayed encrypted.
And while the damage was bad — England's National Health Service was hit particularly hard — it could have been a lot worse. The ransomware -- which utilized a stolen NSA exploit called EternalBlue -- stopped spreading when Hutchins registered a mysterious domain he discovered in the malware code and sinkholed it.
Hutchins explained the process on his blog, noting that "a sinkhole is a server designed to capture malicious traffic and prevent control of infected computers by the criminals who infected them."
The ransomware, it seems, was designed to contact Hutchins' domain before it spread to the next victim. Hutchins' registration of that domain created a kind of kill switch — effectively telling WannaCry to stop spreading.
As long as that domain, and one other discovered and sinkholed by a different researcher, remain up and active the ransomware won't spread. Which brings us back to our lulz-pirates.
Hutchins has observed an intentional distributed denial of service attack aimed at his domain with the apparent goal of knocking it offline. Wiredreports that the traffic appears to be coming courtesy of the Mirai botnet — the same botnet, comprised of IoT devices like wireless security cameras, that brought down parts of the internet in the fall of 2016.
Tweet may have been deleted
Why would anyone do this? Could the initial WannaCry developers simply want more computers infected with the hope of making more money? Probably not.
As Hutchins confirmed via Twitter direct message, the initial attackers can't appear to even keep up with the volume of decryption requests they've already received.
"[The] decryption system is stupid and completely unscalable," he observed.
In other words, infecting more computers won't exactly translate to more Bitcoin in their wallets. That leaves another possibility: someone just looking to mess with people.
"Yeah, it's most likely scriptkiddies doing it for lulz," Hutchins further speculated — using a term that refers to relatively low-skilled hackers.
So there you have it. If someone manages to knock Hutchins' sinkhole offline, allowing WannaCry to spread further in the process, you'll likely have some random prankster with a messed up sense of humor to thank.
But don't stress about it too much. "The DDoS is unlikely to be successful," reassures Hutchins.
Phew. Now if only Hutchins could solve our other internet security problems.
TopicsCybersecurity
Tourist survives for month in frozen New Zealand wilderness after partner dies2025-04-03 16:14
冠軍還有戲嗎?泰山已輸不起!郝偉突改無鋒陣是何用意2025-04-03 16:13
意甲情報 :森索羅VS AC米蘭 ,森索羅兩絕對主力傷缺2025-04-03 15:52
這是什麽神仙劇情?姆巴佩正式回應博格巴:如果施咒必追究到底!2025-04-03 15:47
'The Flying Bum' aircraft crashes during second test flight2025-04-03 15:17
滬媒怒批海港表現 :這麽踢武磊巴爾加斯回來都沒用2025-04-03 14:56
曼城舊將理查茲:克洛普擁抱帕克是傲慢的,02025-04-03 14:53
海港主帥:球隊創造了足夠多的機會 結果令人失望2025-04-03 14:53
Over 82,000 evacuate as Blue Cut fire rapidly spreads in southern California2025-04-03 14:45
官方 :阿根廷前鋒卡裏略加盟河南嵩山龍門2025-04-03 14:32
Sound the alarms: Simone Biles finally met Zac Efron2025-04-03 17:14
切爾西即將簽約19歲俄羅斯新星,傳得準搶得狠有望贏得球迷青睞2025-04-03 16:35
AC米蘭隊史今天 :1992年8月30日巴斯滕+馬薩羅破門,第2次獲得意大利超級杯2025-04-03 16:32
鬼魂徘徊!巴黎將豁免國際米蘭的7000萬歐洲球星 !後防大將的轉會敲定2025-04-03 15:36
MashReads Podcast: What makes a good summer read?2025-04-03 15:34
小儒尼尼奧 :梅西是世界第一人!那些隻知道射門的人不可能奪冠 !2025-04-03 15:19
官宣 !中國女足國腳加盟大巴黎 ,和梅西做隊友,多達9人留洋2025-04-03 15:17
2分鍾丟兩球!中超爆大冷 ,衛冕冠軍無緣10連勝 ,三鎮隔空利好2025-04-03 15:08
Despite IOC ban, Rio crowds get their political messages across2025-04-03 15:06
阿根廷中鋒加盟河南隊 ,曾獲得法甲冠軍 上賽季西甲29場2球2025-04-03 14:36