WannaCry is a piece of ransomware that can infect and spread rapidly through a number of computer networks.
WannaCry is a piece of ransomware that can infect and spread rapidly through a number of computer networks.
WannaCry consists of multiple components and infiltrates the target computer in the form of what is known as a doppler, which is a self-contained program that extracts the other application components embedded within the ransomware. These components include an application that encrypts and decrypts data, files containing encryption keys, and a copy of TOR.
When it comes to Windows, the vulnerability that WannaCry exploits involves the Windows implementation of the Server Message Block (SMB) protocol. The SMB protocol allows various nodes on a network to communicate, and Microsoft's implementation can be tricked, through specifically crafted packets, into executing arbitrary code.
WannaCry can be seen as a prime example of what crypto ransomware can look like and how it can be used to extort money. It does this by encrypting potentially valuable files and can even lock a user out of his or her computer altogether. Any ransomware that uses encryption is called crypto ransomware. The type that specifically locks users out of the computer is called locker ransomware.
Join the thousands already learning crypto!