About WannaCry

WannaCry is a notorious ransomware strain that gained global attention following its widespread outbreak in May 2017. Leveraging a vulnerability in the Windows operating system, WannaCry propagated rapidly across networks, encrypting files and demanding ransom payments from victims in exchange for decryption keys.

How it works?

WannaCry spreads through a worm-like mechanism, exploiting the EternalBlue vulnerability in the Server Message Block (SMB) protocol, which is used for file sharing in Windows systems. Once a system is infected, WannaCry encrypts files on the local disk and network shares, rendering them inaccessible to the user.

Furthermore, WannaCry utilizes a payment infrastructure involving Bitcoin to receive ransom payments from victims. However, there is no guarantee that paying the ransom will result in the recovery of encrypted files.

What is the target?

WannaCry targets primarily Windows-based systems, including personal computers and servers, across various sectors, including healthcare, finance, government, and manufacturing. Its indiscriminate nature and rapid propagation made it one of the most widespread and damaging ransomware attacks in history.

Moreover, WannaCry's impact extended beyond individual victims, causing significant disruptions to critical infrastructure and economic losses totaling billions of dollars.

Who created it?

The exact identity of WannaCry's creators remains unknown, although various theories and attributions have been proposed by cybersecurity researchers and intelligence agencies. Some speculate that it may have originated from state-sponsored actors, while others suggest involvement from cybercriminal organizations.

Regardless of its origins, WannaCry served as a wake-up call for the global cybersecurity community, highlighting the importance of timely patching, robust security measures, and effective incident response strategies to mitigate the impact of ransomware attacks.

Warning

The information provided on this website is intended for educational purposes only. It should not be used to create, distribute, or execute any malicious software. We strongly condemn the use of malware for illegal or unethical activities.

Malware samples can cause harm to your computer system and compromise your security. Handle these samples with extreme care and only in isolated environments. Do not execute these samples on any system connected to the internet or any network containing sensitive information.

The maintainer and contributors of this repository, both past, present, and future, are not responsible for any loss of data, system damage, or other consequences resulting from the mishandling of the samples provided herein. Caution is advised when testing any file present in this repository.

View Sample on GitHub