Hero of WannaCry Ransomware Arrested: Here's Why

Status
Not open for further replies.

JoshRoss

If I am being honest, it is shocking. According to multiple people and from what I saw, the guy has been working like crazy to monitor, prevent, and detect malware, especially ransomware and botnets lately. Would be ridiculous if he was actually behind the banking trojan...
 

PeterKendrick

Every security researcher imo must've dwelt in the dark. I think the FBI/CIA can't digest their failure to protect their assets and respond to their mess in this way.
 

temporaldoom

"The ransomware was hardcoded to receive instructions from a specific web domain, which Hutchins found was unregistered. After he registered the domain and began operating a server on it to capture traffic from WannaCry, the ransomware suddenly stopped infecting Hutchins' test machines.
It turned out that WannaCry had a built-in "kill switch," possibly to prevent its discovery by malware researchers, who often perform research on isolated virtual machines that mimic the entire internet without actually being connected to it."

So the hardcoded domain was a decoy that serves as the kill-switch if someone attempts to register and receive traffic from it?
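The quoted passage turns on analysis labs that "mimic the entire internet". The following is an added example, not part of any post in this thread: a check an analyst can run inside a lab to see whether its DNS answers for names that cannot exist, which is the condition under which a domain-lookup kill switch fires. The function names, the probe count, and the use of the reserved `.invalid` TLD are assumptions of this example.

```python
import secrets
import socket


def default_resolver(name):
    """Resolve with the system resolver; return an IP string or None."""
    try:
        return socket.gethostbyname(name)
    except OSError:  # socket.gaierror is a subclass of OSError
        return None


def probe_names(count=5, suffix="invalid"):
    """Random labels under .invalid (RFC 6761): these must never resolve
    on the real internet, so any answer comes from the lab itself."""
    return [f"{secrets.token_hex(12)}.{suffix}" for _ in range(count)]


def lab_fakes_internet(resolver=default_resolver, count=5):
    """Report whether the environment answers for nonexistent domains.

    fakes_internet=True means a sample that checks whether an unregistered
    domain is reachable will see "reachable" here, so its behaviour in this
    lab can differ from its behaviour in the wild.
    """
    answers = {name: resolver(name) for name in probe_names(count)}
    resolved = {name: ip for name, ip in answers.items() if ip}
    return {
        "probed": count,
        "resolved": len(resolved),
        "fakes_internet": len(resolved) > 0,
        # One shared answer IP is typical of a catch-all sink in the lab.
        "single_sink_ip": bool(resolved) and len(set(resolved.values())) == 1,
    }


if __name__ == "__main__":
    # Constructed resolvers standing in for two environments (no network use).
    def honest_dns(name):
        return None          # NXDOMAIN for everything unknown

    def catch_all_dns(name):
        return "10.0.0.1"    # lab simulator answers every query

    print("honest   :", lab_fakes_internet(honest_dns))
    print("catch-all:", lab_fakes_internet(catch_all_dns))
```

Calling `lab_fakes_internet()` with no arguments uses the system resolver, so run it from inside the analysis VM whose network simulation is in question.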
 