Connect with us

Asaba Metro News

Cyber Security

News

Cyber-attack: UK Security Researcher halts Ransomware ‘By Accident’


A UK cyber security researcher has accidentally discovered a “kill switch” that could prevent the spread of the  malicious ransomware that has affected hundreds of organisations

BBC reports that the 22-year-old man, known by the pseudonym MalwareTech, had taken a week off work, but decided to investigate the ransomware after hearing about the global cyber-attack.

He managed to bring the spread to a halt when he found what appeared to be a “kill switch” in the rogue software’s code.

“It was actually partly accidental,” he told the BBC, after spending the night investigating. “I have not slept a wink.”

Although his discovery did not repair the damage done by the ransomware, it did stop it spreading to new computers, and he has been hailed an “accidental hero”.

ALSO READ:  Delta Assembly: House Committee on health Challenges MDAs on Health Budget Compliance

“I would say that’s correct,” he said.

“The attention has been slightly overwhelming. The boss gave me another week off to make up for this train-wreck of a vacation.”

The researcher first noticed that the malware was trying to contact a specific web address every time it infected a new computer.

Germany Rail Stations Screen affected by Ransomware

Ransomware attack wiped out display screens at rail stations in Germany (AFP)

But the web address it was trying to contact – a long jumble of letters – had not been registered.

MalwareTech decided to register it, and bought it for $10.69 (£8). Owning it would let him see where computers were accessing it from, and give him an idea of how widespread the ransomware was.

ALSO READ:  Senator Ned Nwoko goes tough on Anioma Creation

By doing so, he unexpectedly triggered part of the ransomware’s code that told it to stop spreading.

This type of code is known as a “kill switch”, which some attackers use to halt the spread of their software if things get out of hand.

He tested his discovery and was delighted when he managed to trigger the ransomware on demand.

“Now you probably can’t picture a grown man jumping around with the excitement of having just been ‘ransomwared’, but this was me,” he said in a blog post.

MalwareTech now thinks the code was originally designed to thwart researchers trying to investigate the ransomware, but it backfired by letting them remotely disable it.

ALSO READ:  Delta Assembly assures Robust Approach to Issues, Applauds Oborevwori's Achievements

While the registration of the web address appears to have stopped one strain of the ransomware spreading from device-to-device, it does not repair computers that are already infected.

Security experts have also warned that new variants of the malware that ignore the “kill switch” will appear.

“This variant shouldn’t be spreading any further, however there’ll almost certainly be copycats,” said security researcher Troy Hunt in a blog post.

MalwareTech warned: “We have stopped this one, but there will be another one coming and it will not be stoppable by us.

“There’s a lot of money in this, there is no reason for them to stop. It’s not much effort for them to change the code and start over.”

BBC


For advert placement, publication of news content, articles, videos or any other news worthy materials on this Website, kindly send mail to asabametro@gmail.com.

Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More in News

Advertisement

TRENDING STORIES

Advertisement

LATEST STORIES

Advertisement
To Top