In Group IB told about the main features of the virus WannaCry
In a press-service of Group IB told RNS about the main features of the virus WannaCry.
“Three main features of the cipher WannaCry that we know of at the moment:
1) It uses an exploit ETERNALBLUE from the Arsenal of spy tools the national security Agency USA (NSA) which was made public by hackers Shadow Brokers. The patch closing the vulnerability, for Windows Vista and later became available on March 9 in the composition of the Bulletin MS17−010. This patch for older OS like Windows XP and Windows server 2003 will not, as they are derived from the support.
2) in Addition to the encryption of the files it scans the Internet for vulnerable hosts. That is, if your computer was in a different network, the malware will spread it, too — hence an avalanche of infections.
3) the Files are encrypted, not all, but selectively choose the most “sensitive”, i.e. the documents, databases, email, — reported in Group IB.