Wannacrypt0r is a new strain of ransomware.
Unlike its predecessors, it does not require logged in credentials or email dissemination. As soon as a computer is powered on the LAN and/or the Internet, it can be infected. No user interaction is required.
Because it does not require user interaction to propagate, it was capable of infecting more than 100000 computers in 24 hours. Some high-end victims include the british National Health Service (NHS) and its hospitals, spanish telecom operator Telefonica, french car manufacturer Renault and german railway operator Deutsche Bahn (DB).
If you are using Windows computer, you'd better make sure that it is patched against MS17-010. The patch should have been automatically applied on or around 2nd of May, but we have seen instances where this automatically patching process failed.
Check for the following patches from Microsof on your system :
- Windows Vista : KB4012598
- Windows Server 2008 : KB4012598
- Windows 7 : KB4012212 or KB4012215
- Windows Server 2008 R2: KB4012212 or KB4012215
- Windows 8.1 : KB4012213 or KB4012216
- Windows Server 2012 and Windows Server 2012 R2 : KB4012213, KB4012214, KB4012216 or KB4012217
- Windows 10 : KB4012606, KB4013198 or KB4013429
- Windows Server 2016 : KB4013429
In order to protect yourself against this strain of malware and future ones, you should patch frequently.
In this epidemy, the malware surfaced 28 days after a patch was made available by Microsoft.