Russian “Kaspersky Lab” recorded around 45 thousand attacks cryptography program “WannaCry” in 74 countries around the world; the greatest contamination covered Russia, said on Friday in “Kaspersky Lab”.
“Experts “Kaspersky Lab” analyzed information about infiltrations cryptography program, called “WannaCry”, which 12 may have faced companies around the world. At the moment, “Kaspersky Lab” recorded around 45 thousand attacks in 74 countries around the world. The greatest number of attempts of infiltrations is observed in Russia”, – said the representative of the laboratory.
According to him, for decryption the criminals demand a ransom to be paid in the amount of $600 in the cryptocurrency Bitcoin.
Currently, the laboratory experts analyze samples of malicious software for the establishment of the ability to decrypt data, said a company representative.
He explained that the attack occurred through well-known network vulnerability Microsoft Security Bulletin MS17-010, after which the infected system established a set of scripts, using which attackers run a program coder.
“All decisions “Kaspersky Lab” detects this rootkit as MEM:Trojan.Win64.EquationDrug.gen. Solutions of Kaspersky Lab also detects programs encoders that were used in this attack, the following verdicts: Trojan-Ransom.Win32.Scatter.uf; Trojan-Ransom.Win32.Fury.fr; PDM:Trojan.Win32.Generic (for the detection of this malware component “Monitoring System” must be enabled)”, – he noted.
According to him, to reduce the risks of infection, the companies are recommended to install a special patch from Microsoft to make sure that the security solutions on all nodes of the network, and run a scan of critical areas in the protective solution.
“After detecting MEM:Trojan.Win64.EquationDrug.gen reboot of the system; in the future to prevent such incidents is to use the services of informing about the threats in order to obtain data on the most dangerous targeted attacks and possible infections,” – said the representative of “Kaspersky Lab”.