WannaCry Ransomware Virus attack – What is it

PREMIUM TECH SUPPORT COMPANY

need-know-wannacry-virusWannaCry, better known on the internet as Ransomware is a Trojan horse virus which hijacks the critical files of a computer system, takes them hostage and demands that the user pay a particular amount to free the files. This virus attacked on May 12, 2017 an estimated 57,000 computers in 150 countries and is the most severe cyber-attacks of 2017. WannaCry basically affects Windows-based computer systems and has affected some major corporations including FedEx, Britain’s NHS (National Health Services), LATAM Airlines and Deutsche Bahn.

Those systems which have not been updated, especially those having Microsoft Windows XP or Windows Server 2003 are at the highest risk of being exposed to WannaCry.

What is WannaCry capable of doing to a system?

WannaCry works by encrypting every single file on the user’s computer system. The software then demands a specific ransom amount from the user in the form of bitcoins. However, of late the amount has been known to be $300 at the time of infection and doubles in the next three days. Also, following non-payment within 7 days will lead to permanent deletion of the encrypted files and data.

What type of files will WannaCry infect?

Some of the file extensions that WannaCry hijacks and infects include the following;

  • .123
  • .3dm
  • .3ds
  • .3g2
  • .3gp
  • .602
  • .7z
  • .ARC
  • .PAQ
  • .accdb
  • .aes
  • .ai
  • .asc
  • .asf
  • .asm
  • .asp
  • .avi
  • .backup
  • .bak
  • .bat
  • .bmp
  • .brd
  • .bz2
  • .cgm
  • .class
  • .cmd
  • .cpp
  • .crt
  • .cs
  • .csr
  • .csv
  • .db
  • .dbf
  • .dch
  • .der
  • .dif
  • .dip
  • .djvu
  • .doc
  • .docb
  • .docm
  • .docx
  • .dot
  • .dotm
  • .dotx
  • .dwg
  • .edb
  • .eml
  • .fla
  • .flv
  • .frm
  • .gif
  • .gpg
  • .gz
  • .hwp
  • .ibd
  • .iso
  • .jar
  • .java
  • .jpeg
  • .jpg
  • .js
  • .jsp
  • .key
  • .lay
  • .lay6
  • .ldf
  • .m3u
  • .m4u
  • .max
  • .mdb
  • .mdf
  • .mid
  • .mkv
  • .mml
  • .mov
  • .mp3
  • .mp4
  • .mpeg
  • .mpg
  • .msg
  • .myd
  • .myi
  • .nef
  • .odb
  • .odg
  • .odp
  • .ods
  • .odt
  • .onetoc2
  • .ost
  • .otg
  • .otp
  • .ots
  • .ott
  • .p12
  • .pas
  • .pdf
  • .pem
  • .pfx
  • .php
  • .pl
  • .png
  • .pot
  • .potm
  • .potx
  • .ppam
  • .pps
  • .ppsm
  • .ppsx
  • .ppt
  • .pptm
  • .pptx
  • .ps1
  • .psd
  • .pst
  • .rar
  • .raw
  • .rb
  • .rtf
  • .sch
  • .sh
  • .sldm
  • .sldx
  • .slk
  • .sln
  • .snt
  • .sql
  • .sqlite3
  • .sqlitedb
  • .stc
  • .std
  • .sti
  • .stw
  • .suo
  • .svg
  • .swf
  • .sxc
  • .sxd
  • .sxi
  • .sxm
  • .sxw
  • .tar
  • .tbk
  • .tgz
  • .tif
  • .tiff
  • .txt
  • .uop
  • .uot
  • .vb
  • .vbs
  • .vcd
  • .vdi
  • .vmdk
  • .vmx
  • .vob
  • .vsd
  • .vsdx
  • .wav
  • .wb2
  • .wk1
  • .wks
  • .wma
  • .wmv
  • .xlc
  • .xlm
  • .xls
  • .xlsb
  • .xlsm
  • .xlsx
  • .xlt
  • .xltm
  • .xltx
  • .xlw
  • .zip

With which files can WannaCry infect my system?

Ransomware aka WannaCry corrupts your system with the following file extensions. These include ecc, .ezz, .exx, .zzz, .xyz, .aaa, .abc, .ccc, .vvv, .xxx, .ttt, .micro, .crypto, _crypt, .crinf, .r5a, .XRNT, .XTBL, .crypt, .R16M01D05, .pzdc, .good, .LOL!, .OMG!, .RDM, .RRK, .encrypted RSA, .crjoker, .EnCiPhErEd, .LeChiffre, .keybtc@inbox_com, .0x0, .bleep, .1999, .vault, .HA3, .toxcrypt, .magic, .SUPERCRYPT, .CTBL, .CTB2, .locky or 6-7 length extension consisting of random characters.

What to do if my system is infected with WannaCry?

Presently, the only method that works against WannaCry is regular updates for all the security tools in your system. Also, keeping a back-up of your system data is also recommended. However, other measures that can be undertaken are mentioned below;

  1. Keep your Operating System and Anti-Virus up to date.
  2. Back-up the important files in a secured hard drive or cloud storage.
  3. Do not open any email attachments from unknown senders.
  4. Always be careful when opening and downloading from any third party websites.

Still feeling helpless…..Call us @ 1-888-479-2017, we are here to help you.

18884792017