时间:2025-04-26 21:16:50 来源:网络整理编辑:探索
When it comes to online currency, lulz just might outvalue Bitcoin. A unknown group of hackers is wo
When it comes to online currency, lulz just might outvalue Bitcoin.
A unknown group of hackers is working behind the scenes to restart the ransomware WannaCry, and one security expert believes the culprits this time around aren't who you think.
And neither is their motivation.
SEE ALSO:It won't be easy for WannaCry hackers to get their cashContrary to what you might expect, it appears not to be the initial group responsible for WannaCry now working to startle the ransomware monster awake from its slumber. Rather, we may have some internet randos to thank.
Why? The leading theory, proposed by security researcher Marcus Hutchins, suggests it's all about shits and giggles.
WannaCry rushed onto the international scene on May 12, infecting and encrypting hundreds of thousands of computer systems running unpatched Windows operating systems. The ransomware demanded that victims pay around $300 in the cryptocurrency Bitcoin to their attackers if they ever wanted to see their files again.
"Yeah, it's most likely scriptkiddies doing it for lulz."
Some paid up, but computers stayed encrypted.
And while the damage was bad — England's National Health Service was hit particularly hard — it could have been a lot worse. The ransomware -- which utilized a stolen NSA exploit called EternalBlue -- stopped spreading when Hutchins registered a mysterious domain he discovered in the malware code and sinkholed it.
Hutchins explained the process on his blog, noting that "a sinkhole is a server designed to capture malicious traffic and prevent control of infected computers by the criminals who infected them."
The ransomware, it seems, was designed to contact Hutchins' domain before it spread to the next victim. Hutchins' registration of that domain created a kind of kill switch — effectively telling WannaCry to stop spreading.
As long as that domain, and one other discovered and sinkholed by a different researcher, remain up and active the ransomware won't spread. Which brings us back to our lulz-pirates.
Hutchins has observed an intentional distributed denial of service attack aimed at his domain with the apparent goal of knocking it offline. Wiredreports that the traffic appears to be coming courtesy of the Mirai botnet — the same botnet, comprised of IoT devices like wireless security cameras, that brought down parts of the internet in the fall of 2016.
Tweet may have been deleted
Why would anyone do this? Could the initial WannaCry developers simply want more computers infected with the hope of making more money? Probably not.
As Hutchins confirmed via Twitter direct message, the initial attackers can't appear to even keep up with the volume of decryption requests they've already received.
"[The] decryption system is stupid and completely unscalable," he observed.
In other words, infecting more computers won't exactly translate to more Bitcoin in their wallets. That leaves another possibility: someone just looking to mess with people.
"Yeah, it's most likely scriptkiddies doing it for lulz," Hutchins further speculated — using a term that refers to relatively low-skilled hackers.
So there you have it. If someone manages to knock Hutchins' sinkhole offline, allowing WannaCry to spread further in the process, you'll likely have some random prankster with a messed up sense of humor to thank.
But don't stress about it too much. "The DDoS is unlikely to be successful," reassures Hutchins.
Phew. Now if only Hutchins could solve our other internet security problems.
TopicsCybersecurity
Mom discovers security cameras hacked, kids' bedroom livestreamed2025-04-26 21:03
中超兩大懸念解讀 ,領頭羊挺過至暗時刻 廣州城尚存逆襲希望2025-04-26 20:56
浙江隊官方:外援中衛盧卡斯心髒不適 將返回巴西檢查治療2025-04-26 20:49
郝偉:沒贏球因得分效率低 費萊尼腿不太舒服2025-04-26 20:19
Despite IOC ban, Rio crowds get their political messages across2025-04-26 20:13
中超21輪精彩瞬間:海港國安隊長情深 坎特依舊凶猛2025-04-26 19:36
兩大攻擊手回歸+黃博文回歸 廣州隊北上麵臨兩大難敵2025-04-26 19:25
看哭了 !泰山隊外援和家人團聚 ,一家四口抱在一起,本賽季8球8助2025-04-26 19:21
Major earthquake and multiple aftershocks rock central Italy2025-04-26 19:12
謝暉道破大連隊為何遭遇兩連敗:球隊處於瓶頸期 將迎來惡戰2025-04-26 18:51
Plane makes emergency landing after engine rips apart during flight2025-04-26 21:06
31.55億!廣州城投底價拿下原恒大足球場地塊2025-04-26 20:47
中超第21輪最佳 :申花門將馬鎮當選 多次神撲助球隊拿下3分2025-04-26 20:45
武磊:我們需要更多人熱愛足球 才會有會踢球的人2025-04-26 20:26
17 questions you can answer if you're a good communicator2025-04-26 20:12
安切洛蒂:本澤馬首發小熊未必 毫不在乎首發曝光2025-04-26 20:02
巴薩被判死緩!兩功勳成罪魁 四大隊長或聯袂離隊2025-04-26 19:40
討薪 !前武漢長江梯隊教練 :至今已經欠薪18個月2025-04-26 19:08
MashReads Podcast: What makes a good summer read?2025-04-26 18:53
青春風暴 !拜仁六小聯袂出戰歐冠? 巴薩國米氣哭2025-04-26 18:30