14May

How WannaCrypt propagates across a network

WannaCrypt which has been in the media recently (May 2017) has been determined to be a very quick spreading malware featuring a Cryptolocker payload. The spread of the current variant has been stemmed through the seemingly innocent actions of a security researcher. The researcher in question registered a domain name which the payload was attempting to contact, on detection of the server the payload would cease and the malware would effectively be killswitched.