What is WannaCry Ransomware?

WannaCry Ransomware has come to become one of the most popular malware threats of its time early 2017 where it took the computer security scene by storm, in many literal ways. The WannaCry threat, sometimes called WannaCryptor or WanaCrypt0r, is a Trojan horse malware threat that uses a worm-like attack method. Such a method allows WannaCry to slip onto a vulnerable computer without any indication to the computer user where it will perform malicious activities without warning.

WannaCry Ransomware Creates Mass Hysteria for Countless Compromised Computers

The WannaCry Ransomware attack is known for compromising hundreds of thousands of computers around the world at the initial onset of it spreading. Most of the compromised systems at first were ones located in Russia, and Great Britain where a large percentage were ones targeted within the healthcare system. Such attacks left healthcare systems without the ability to fully care for their patients creating a mass hysteria within some communities.

WannaCry went on to evolve reaching other countries, such as Ukraine, Taiwan, India, and beyond. The vulnerability leveraged in WannaCry attacks was the CVE-2017-0145, which was also known as EternalBlue, which would allow a programmer or hacker to send a package to a SMB server and run malicious code and install other malware. The proliferation of WannaCry ultimately infected other computers that the initially compromised systems were connected to.

Through the use of traditional exploitation and attack methods of ransomware, WannaCry was also a creature of such malicious actions. WannaCry Ransomware would encrypt data on infected systems using customized AES-256 cipher effecting images, audio files, video files, and many text files stored on an infected computer.

One of the ransom notes from WannaCry read:

'Ooops, your important files are encrypted.
If you see this text, but don't see the "Wana DecryptOr" window, then your antivirus removed the decrypt software or you deleted it from your computer.
If you need your files you have to run the decrypt software.
Please find an application file named "@WanaDecryptor@.exe" in any folder or restore from the antivirus quarantine.
Run and follow the instructions!

Solutions Discovered To Remove WannaCry Ransomware

Those affected by WannaCry attacks found themselves nearly helpless and without a clear answer. However, computer security researchers and experts discovered that those affected by WannaCry can utilize an antimalware tool to eliminate the threat and avoid paying the $300 or more to supposedly restore the WannaCry-encrypted files. Most attacked by WannaCry utilized a system backup to restore such files after eliminating WannaCry by an automatic removal process initiated by trusted antimalware software.