Slashdot Mirror


Researchers Find New Version Of WanaDecrypt0r Ransomware Without A Kill Switch (vice.com)

Remember that "kill switch" which shut down the WannaCry ransomware? An anonymous reader quotes Motherboard: Over Friday and Saturday, samples of the malware emerged without that debilitating feature, meaning that attackers may be able to resume spreading ransomware even though a security researcher cut off the original wave. "I can confirm we've had versions without the kill switch domain connect since yesterday," Costin Raiu, director of global research and analysis team at Kaspersky Lab told Motherboard on Saturday... Another researcher confirmed they have seen samples of the malware without the killswitch.


  1. Never Run Windows on Bare Metal by Anonymous Coward · · Score: 1, Insightful

    1) Get ransomware
    2) Read warning about losing data
    3) Chuckle with a smirk on your face
    4) Revert to this morning's snapshot
    5) Carry on

  2. sometimes i think worse must precede better... by Anonymous Coward · · Score: 5, Insightful

    I've seen security-aware people being widely ignored by technically illiterate managers and decision makers for decades. Sometimes they aren't given the tools they ask for, or their advice is ignored, or sometimes they are both ignored and still blamed when things go wrong. That's not even getting into all the ordinary folks buying low-security or pre-backdoored IoT devices, and the intrusion of the internet into everyday things like cars and televisions.

    Sometimes I think something really nasty has to happen before people will wake up. But then when I think about it some more, I don't believe that would help either. The wrong message would be taken. Instead of adopting good security practices, it would instead be a series of laws that managed to be both misguided, harmful, and utterly useless for solving the real problem. It would be "magical thinking" instead of really paying attention to digital security.

    Then I go have a couple beers, because fuck it.

  3. It's All About ROI by Frosty+Piss · · Score: 4, Insightful

    It's not like most IT departments don't know these vulnerabilities exist, and there are many common reasons, some common ones being:

    A) Code written under a very tight schedule, where getting working code operational is the number one target, and the team expects to tighten up the security later but never does.

    B) Legacy code written before this type of security was much of a concern.

    The main problem with preventing this kind of thing is the Bean Counters. Generally, they will do a calculus of the possibility that they specifically will be hacked, and what it will cost to tighten up the code to prevent the hack. In other words, they gamble that they will not be hacked, thus saving them the money it will cost to have their inside team or a contractor fix things. It's all about their bonus.

    Of course the Bean Counters will not admit this, but it's important to understand that the people who sign off on allocating the funds to accomplish tightening up security simply have no understanding about the actual threat versus cost, nor do they really care because it's all about ROI.

    --
    If you want news from today, you have to come back tomorrow.
    1. Re:It's All About ROI by StormReaver · · Score: 3, Insightful

      Neither (A) nor (B) apply in this case, but rather:

      C) Organizations insist on using an operating system that has been known for decades to have more severe security holes than Swiss cheese, but which the (only!) vendor refuses to fix until it's too late (if even then).