New
#50
A 'kill switch' is slowing the spread of WannaCry ransomware
Friday’s unprecedented ransomware attack may have stopped spreading to new machines -- at least briefly -- thanks to a "kill switch" that a security researcher has activated.A 'kill switch' is slowing the spread of WannaCry ransomware | PCWorldHowever, the ransomware also contains a kill switch that may have backfired on its developers, according to security researchers.
Wana Decryptor infects systems through a malicious program that first tries to connect to an unregistered web domain. The kill switch appears to work like this: If the malicious program can’t connect to the domain, it’ll proceed with the infection. If the connection succeeds, the program will stop the attack.
A security researcher who goes by the name MalwareTech found that he could activate the kill switch by registering the web domain and posting a page on it.