WannaCry (also known as 'Wana Decrypt0r,' 'WannaCryptor' or 'WCRY') ransomware is infecting computers around the world.

It is not only targeting corporations, but also public organizations. If infected, the ransomware asks for a payment of $300 to unlock the system.

The attack is based on a Windows exploit that was stolen from the NSA a month ago. Microsoft released a patch for the flaw in March (MS17-010), but many systems have not be updated. The exploit has the capability to penetrate into machines running unpatched version of Windows XP through 2008 R2 by exploiting flaws in Microsoft Windows SMB Server.

Once one system is infected, the worm starts looking for other computers in a network to infect.

It only took a few hours to target over 45,000 computers in 74 countries. It has shut down 16 hospitals across the U.K. and 85% of computers at the Spanish telecom firm, Telefonica.

By the numbers, WannaCry has hit at least 1,600 organizations in the U.S., 11,200 in Russia and 6,500 in China.

Little is still known about how the attacks are being carried out, but the guess is infected emails and/or victims visiting a website containing malware.

All the patches are listed here on MajorGeeks.

Source: The Hacker News