SlideShare a Scribd company logo
1 of 15
WANNACRY / WANNACRYPT
RANSOMWARE
Prepared by:
- Ayoub Rouzi
- Abdelhakim Salama
PLAN
 Introduction
 What happened ?
 What is Wannacry / Wannacrypt ?
 How many Infections ?
 What happens to the victim?
 How to protect yourself ?
 Will Paying the Ransom Help Us?
 Conclusion
2
WHAT IS RANSOMWARE ?
 “Ransomware is a malware that encrypts contents on infected systems and demands payment in bitcoins.”
3
WHAT HAPPENED?
several organizations were affected by a new Ransomware strain.
The exploit ETERNALBLUE, was released in as part of a leak of NSA.
May 12th 2017
April 15th 2017
March 14th 2017
Apparition of WanaCrypt0r 2.0 who is more dangerious May 22th 2017
A young white hat hacker stopped wannacry attackMay 21th 2017
A "critical" patch had been issued by Microsoft
4
HOW MANY INFECTIONS?
Estimated > 200,000 victims
5
HOW MANY INFECTIONS?
6
HOW MANY INFECTIONS?
7
HOW DO SYSTEMS GET INFECTED?
• E-Mail.
• Infected websites.
• SMB (Server Message Block) :
vulnerable systems exposed via port 445.
8
WHAT HAPPENS TO THE VICTIM?
• Files with specific extensions will be encrypted.
• The victim will see a ransom message asking for approx. $300.
9
WHAT HAPPENS TO THE VICTIM?
• Once all the files are encrypted:
• Open a backdoor
10
WHAT HAPPENS TO THE VICTIM?
Wannacry warns the user of the encryption of these files by modificating the desktop wallpaper:
11
HOW TO PROTECT YOURSELF
12
WILL PAYING THE RANSOM HELP US?
• There is no public report from victims who paid the ransom.
• About a hundred victims paid so far.
13
WHAT’S THE UPDATES ?
14
• Windows, Linux, Mac
• More victims
• More data collection
CONCLUSION
15

More Related Content

What's hot

Wannacry | Technical Insight and Lessons Learned
Wannacry | Technical Insight and Lessons LearnedWannacry | Technical Insight and Lessons Learned
Wannacry | Technical Insight and Lessons LearnedThomas Roccia
 
What is Ransomware?
What is Ransomware?What is Ransomware?
What is Ransomware?Datto
 
Web Application Penetration Testing
Web Application Penetration Testing Web Application Penetration Testing
Web Application Penetration Testing Priyanka Aash
 
Ransomware attack
Ransomware attackRansomware attack
Ransomware attackAmna
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingNetsparker
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and SecurityChitra Mudunuru
 
Ransomware - The Growing Threat
Ransomware - The Growing ThreatRansomware - The Growing Threat
Ransomware - The Growing ThreatNick Miller
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingAnurag Srivastava
 
The rise of malware(ransomware)
The rise of malware(ransomware)The rise of malware(ransomware)
The rise of malware(ransomware)phexcom1
 
Social engineering attacks
Social engineering attacksSocial engineering attacks
Social engineering attacksRamiro Cid
 
Introduction To OWASP
Introduction To OWASPIntroduction To OWASP
Introduction To OWASPMarco Morana
 
PHISHING DETECTION
PHISHING DETECTIONPHISHING DETECTION
PHISHING DETECTIONumme ayesha
 
DDoS - Distributed Denial of Service
DDoS - Distributed Denial of ServiceDDoS - Distributed Denial of Service
DDoS - Distributed Denial of ServiceEr. Shiva K. Shrestha
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainSuvrat Jain
 
Cyber security awareness
Cyber security awarenessCyber security awareness
Cyber security awarenessJason Murray
 

What's hot (20)

Wannacry | Technical Insight and Lessons Learned
Wannacry | Technical Insight and Lessons LearnedWannacry | Technical Insight and Lessons Learned
Wannacry | Technical Insight and Lessons Learned
 
What is Ransomware?
What is Ransomware?What is Ransomware?
What is Ransomware?
 
Web Application Penetration Testing
Web Application Penetration Testing Web Application Penetration Testing
Web Application Penetration Testing
 
Ransomware attack
Ransomware attackRansomware attack
Ransomware attack
 
Ransomware attacks
Ransomware attacksRansomware attacks
Ransomware attacks
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration Testing
 
Threat Modelling
Threat ModellingThreat Modelling
Threat Modelling
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
 
Ransomware - The Growing Threat
Ransomware - The Growing ThreatRansomware - The Growing Threat
Ransomware - The Growing Threat
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration Testing
 
The rise of malware(ransomware)
The rise of malware(ransomware)The rise of malware(ransomware)
The rise of malware(ransomware)
 
DDoS ATTACKS
DDoS ATTACKSDDoS ATTACKS
DDoS ATTACKS
 
Social engineering attacks
Social engineering attacksSocial engineering attacks
Social engineering attacks
 
DDoS Attacks
DDoS AttacksDDoS Attacks
DDoS Attacks
 
Introduction To OWASP
Introduction To OWASPIntroduction To OWASP
Introduction To OWASP
 
PHISHING DETECTION
PHISHING DETECTIONPHISHING DETECTION
PHISHING DETECTION
 
DDoS - Distributed Denial of Service
DDoS - Distributed Denial of ServiceDDoS - Distributed Denial of Service
DDoS - Distributed Denial of Service
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
 
Cyber security awareness
Cyber security awarenessCyber security awareness
Cyber security awareness
 

Similar to WannaCry / Wannacrypt Ransomware

Wannacry cyber attack.pptx
Wannacry cyber attack.pptxWannacry cyber attack.pptx
Wannacry cyber attack.pptxmachandi
 
WannaCry: Autopsy of Ransomwar
WannaCry: Autopsy of RansomwarWannaCry: Autopsy of Ransomwar
WannaCry: Autopsy of RansomwarDavid Smith
 
Crucial wannacryoutbreaks
Crucial wannacryoutbreaksCrucial wannacryoutbreaks
Crucial wannacryoutbreakskevinmass30
 
Crypto-Jacking, Ransomware & Worming Malware's Frightening Future (Keynote an...
Crypto-Jacking, Ransomware & Worming Malware's Frightening Future (Keynote an...Crypto-Jacking, Ransomware & Worming Malware's Frightening Future (Keynote an...
Crypto-Jacking, Ransomware & Worming Malware's Frightening Future (Keynote an...Jay Beale
 
WannaCry Ransomware Attack
WannaCry Ransomware AttackWannaCry Ransomware Attack
WannaCry Ransomware AttackShehryar Khan
 
Your Guide to tackle the Ransomware threat "WannaCry" | Sysfore
Your Guide to tackle the Ransomware threat "WannaCry" | SysforeYour Guide to tackle the Ransomware threat "WannaCry" | Sysfore
Your Guide to tackle the Ransomware threat "WannaCry" | SysforeSysfore Technologies
 
BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...
BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...
BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...BlueHat Security Conference
 
Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...
Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...
Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...Roger Hagedorn
 
Ransomware (1).pdf
Ransomware (1).pdfRansomware (1).pdf
Ransomware (1).pdfHiYeti1
 
MLabs - Cyber Crime Tactics and Techniques Q2 2017
MLabs - Cyber Crime Tactics and Techniques Q2 2017MLabs - Cyber Crime Tactics and Techniques Q2 2017
MLabs - Cyber Crime Tactics and Techniques Q2 2017Jermund Ottermo
 
The Wannacry Effect - Provided by Raconteur
The Wannacry Effect - Provided by RaconteurThe Wannacry Effect - Provided by Raconteur
The Wannacry Effect - Provided by RaconteurGary Chambers
 
Wannacry-A Ransomware Attack
Wannacry-A Ransomware AttackWannacry-A Ransomware Attack
Wannacry-A Ransomware AttackMahimaVerma28
 
What is wanna cry ransomware attack
What is wanna cry ransomware attackWhat is wanna cry ransomware attack
What is wanna cry ransomware attacki-engage
 

Similar to WannaCry / Wannacrypt Ransomware (20)

Wannacry cyber attack.pptx
Wannacry cyber attack.pptxWannacry cyber attack.pptx
Wannacry cyber attack.pptx
 
SECURITY IN COMPUTING.pptx
SECURITY IN COMPUTING.pptxSECURITY IN COMPUTING.pptx
SECURITY IN COMPUTING.pptx
 
Escan advisory wannacry ransomware
Escan advisory wannacry ransomwareEscan advisory wannacry ransomware
Escan advisory wannacry ransomware
 
Wannacry Virus
Wannacry VirusWannacry Virus
Wannacry Virus
 
Wanna cry
Wanna cryWanna cry
Wanna cry
 
WannaCry: Autopsy of Ransomwar
WannaCry: Autopsy of RansomwarWannaCry: Autopsy of Ransomwar
WannaCry: Autopsy of Ransomwar
 
Crucial wannacryoutbreaks
Crucial wannacryoutbreaksCrucial wannacryoutbreaks
Crucial wannacryoutbreaks
 
Crypto-Jacking, Ransomware & Worming Malware's Frightening Future (Keynote an...
Crypto-Jacking, Ransomware & Worming Malware's Frightening Future (Keynote an...Crypto-Jacking, Ransomware & Worming Malware's Frightening Future (Keynote an...
Crypto-Jacking, Ransomware & Worming Malware's Frightening Future (Keynote an...
 
WannaCry Ransomware Attack
WannaCry Ransomware AttackWannaCry Ransomware Attack
WannaCry Ransomware Attack
 
Your Guide to tackle the Ransomware threat "WannaCry" | Sysfore
Your Guide to tackle the Ransomware threat "WannaCry" | SysforeYour Guide to tackle the Ransomware threat "WannaCry" | Sysfore
Your Guide to tackle the Ransomware threat "WannaCry" | Sysfore
 
Ransomware
RansomwareRansomware
Ransomware
 
What Businesses Entrepreneurs Are Imperative To Know About Ransomware
What Businesses Entrepreneurs Are Imperative To Know About RansomwareWhat Businesses Entrepreneurs Are Imperative To Know About Ransomware
What Businesses Entrepreneurs Are Imperative To Know About Ransomware
 
BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...
BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...
BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...
 
Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...
Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...
Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...
 
Ransomware (1).pdf
Ransomware (1).pdfRansomware (1).pdf
Ransomware (1).pdf
 
MLabs - Cyber Crime Tactics and Techniques Q2 2017
MLabs - Cyber Crime Tactics and Techniques Q2 2017MLabs - Cyber Crime Tactics and Techniques Q2 2017
MLabs - Cyber Crime Tactics and Techniques Q2 2017
 
The Wannacry Effect - Provided by Raconteur
The Wannacry Effect - Provided by RaconteurThe Wannacry Effect - Provided by Raconteur
The Wannacry Effect - Provided by Raconteur
 
Wannacry-A Ransomware Attack
Wannacry-A Ransomware AttackWannacry-A Ransomware Attack
Wannacry-A Ransomware Attack
 
Ransomware 2017: New threats emerge
Ransomware 2017: New threats emergeRansomware 2017: New threats emerge
Ransomware 2017: New threats emerge
 
What is wanna cry ransomware attack
What is wanna cry ransomware attackWhat is wanna cry ransomware attack
What is wanna cry ransomware attack
 

More from Ayoub Rouzi

Khdemti.com: We revolutionize the way project owners and freelancers work tog...
Khdemti.com: We revolutionize the way project owners and freelancers work tog...Khdemti.com: We revolutionize the way project owners and freelancers work tog...
Khdemti.com: We revolutionize the way project owners and freelancers work tog...Ayoub Rouzi
 
NFS, MPI, Programmation Sérial & Parallèle avec Condor Scénarios et Simulatio...
NFS, MPI, Programmation Sérial & Parallèle avec Condor Scénarios et Simulatio...NFS, MPI, Programmation Sérial & Parallèle avec Condor Scénarios et Simulatio...
NFS, MPI, Programmation Sérial & Parallèle avec Condor Scénarios et Simulatio...Ayoub Rouzi
 
Reseaux mobiles: Rapport Projet : « Lien radio »
Reseaux mobiles: Rapport Projet : « Lien radio »Reseaux mobiles: Rapport Projet : « Lien radio »
Reseaux mobiles: Rapport Projet : « Lien radio »Ayoub Rouzi
 
Cahier des charges: Traiteur industriel des produits agro-Alimentaires culina...
Cahier des charges: Traiteur industriel des produits agro-Alimentaires culina...Cahier des charges: Traiteur industriel des produits agro-Alimentaires culina...
Cahier des charges: Traiteur industriel des produits agro-Alimentaires culina...Ayoub Rouzi
 
Application Android: Projet assurance
Application Android: Projet assuranceApplication Android: Projet assurance
Application Android: Projet assuranceAyoub Rouzi
 
Rapport DVWA: File Upload
Rapport DVWA: File UploadRapport DVWA: File Upload
Rapport DVWA: File UploadAyoub Rouzi
 
Rapport DVWA: CSRF
Rapport DVWA: CSRFRapport DVWA: CSRF
Rapport DVWA: CSRFAyoub Rouzi
 
Ateliers d’une application Web vulnérable
Ateliers d’une application Web vulnérable Ateliers d’une application Web vulnérable
Ateliers d’une application Web vulnérable Ayoub Rouzi
 
Rapport j2ee: Gestion d’un compte bancaire En utilisant les EJB 3.0
Rapport j2ee: Gestion d’un compte bancaire En utilisant les EJB 3.0Rapport j2ee: Gestion d’un compte bancaire En utilisant les EJB 3.0
Rapport j2ee: Gestion d’un compte bancaire En utilisant les EJB 3.0Ayoub Rouzi
 
Mobile ip - IT entités fonctionnelles de Mobile IP
Mobile ip - IT entités fonctionnelles de Mobile IPMobile ip - IT entités fonctionnelles de Mobile IP
Mobile ip - IT entités fonctionnelles de Mobile IPAyoub Rouzi
 
Résumé projet Smart Traffic Managment System Real Time (STMSRT)
Résumé projet Smart Traffic Managment System Real Time (STMSRT)Résumé projet Smart Traffic Managment System Real Time (STMSRT)
Résumé projet Smart Traffic Managment System Real Time (STMSRT)Ayoub Rouzi
 
Smart Parking: Stationnement intelligent État de l’art, Étude d’un exemple De...
Smart Parking: Stationnement intelligent État de l’art, Étude d’un exemple De...Smart Parking: Stationnement intelligent État de l’art, Étude d’un exemple De...
Smart Parking: Stationnement intelligent État de l’art, Étude d’un exemple De...Ayoub Rouzi
 
Smart traffic managment system real time (stmsrt)
Smart traffic managment system real time (stmsrt)Smart traffic managment system real time (stmsrt)
Smart traffic managment system real time (stmsrt)Ayoub Rouzi
 
Freelance,Travail traditionnel, Entrepreneuriat...Quel choix a suivre ?
Freelance,Travail traditionnel, Entrepreneuriat...Quel choix a suivre ?Freelance,Travail traditionnel, Entrepreneuriat...Quel choix a suivre ?
Freelance,Travail traditionnel, Entrepreneuriat...Quel choix a suivre ?Ayoub Rouzi
 
Programmation des cartes Arduino - Se familiariser avec la programmation Simple
Programmation des cartes Arduino - Se familiariser avec la programmation SimpleProgrammation des cartes Arduino - Se familiariser avec la programmation Simple
Programmation des cartes Arduino - Se familiariser avec la programmation SimpleAyoub Rouzi
 
Projet Radare de Recule - MANIPULATION AVEC L’ARDUINO
Projet Radare de Recule - MANIPULATION AVEC L’ARDUINOProjet Radare de Recule - MANIPULATION AVEC L’ARDUINO
Projet Radare de Recule - MANIPULATION AVEC L’ARDUINOAyoub Rouzi
 
Presentation kernel - Kernel Linux - Configuration – Compilation & installation
Presentation kernel - Kernel Linux - Configuration –  Compilation & installationPresentation kernel - Kernel Linux - Configuration –  Compilation & installation
Presentation kernel - Kernel Linux - Configuration – Compilation & installationAyoub Rouzi
 
Rapport Kernel Linux - Configuration – Compilation & installation
Rapport Kernel Linux - Configuration –  Compilation & installationRapport Kernel Linux - Configuration –  Compilation & installation
Rapport Kernel Linux - Configuration – Compilation & installationAyoub Rouzi
 

More from Ayoub Rouzi (20)

Khdemti.com: We revolutionize the way project owners and freelancers work tog...
Khdemti.com: We revolutionize the way project owners and freelancers work tog...Khdemti.com: We revolutionize the way project owners and freelancers work tog...
Khdemti.com: We revolutionize the way project owners and freelancers work tog...
 
NFS, MPI, Programmation Sérial & Parallèle avec Condor Scénarios et Simulatio...
NFS, MPI, Programmation Sérial & Parallèle avec Condor Scénarios et Simulatio...NFS, MPI, Programmation Sérial & Parallèle avec Condor Scénarios et Simulatio...
NFS, MPI, Programmation Sérial & Parallèle avec Condor Scénarios et Simulatio...
 
Reseaux mobiles: Rapport Projet : « Lien radio »
Reseaux mobiles: Rapport Projet : « Lien radio »Reseaux mobiles: Rapport Projet : « Lien radio »
Reseaux mobiles: Rapport Projet : « Lien radio »
 
Cahier des charges: Traiteur industriel des produits agro-Alimentaires culina...
Cahier des charges: Traiteur industriel des produits agro-Alimentaires culina...Cahier des charges: Traiteur industriel des produits agro-Alimentaires culina...
Cahier des charges: Traiteur industriel des produits agro-Alimentaires culina...
 
Application Android: Projet assurance
Application Android: Projet assuranceApplication Android: Projet assurance
Application Android: Projet assurance
 
Scheduler & SLA
Scheduler & SLAScheduler & SLA
Scheduler & SLA
 
Rapport DVWA: File Upload
Rapport DVWA: File UploadRapport DVWA: File Upload
Rapport DVWA: File Upload
 
Rapport DVWA: CSRF
Rapport DVWA: CSRFRapport DVWA: CSRF
Rapport DVWA: CSRF
 
Ateliers d’une application Web vulnérable
Ateliers d’une application Web vulnérable Ateliers d’une application Web vulnérable
Ateliers d’une application Web vulnérable
 
Rapport j2ee: Gestion d’un compte bancaire En utilisant les EJB 3.0
Rapport j2ee: Gestion d’un compte bancaire En utilisant les EJB 3.0Rapport j2ee: Gestion d’un compte bancaire En utilisant les EJB 3.0
Rapport j2ee: Gestion d’un compte bancaire En utilisant les EJB 3.0
 
L'estime de soi
L'estime de soiL'estime de soi
L'estime de soi
 
Mobile ip - IT entités fonctionnelles de Mobile IP
Mobile ip - IT entités fonctionnelles de Mobile IPMobile ip - IT entités fonctionnelles de Mobile IP
Mobile ip - IT entités fonctionnelles de Mobile IP
 
Résumé projet Smart Traffic Managment System Real Time (STMSRT)
Résumé projet Smart Traffic Managment System Real Time (STMSRT)Résumé projet Smart Traffic Managment System Real Time (STMSRT)
Résumé projet Smart Traffic Managment System Real Time (STMSRT)
 
Smart Parking: Stationnement intelligent État de l’art, Étude d’un exemple De...
Smart Parking: Stationnement intelligent État de l’art, Étude d’un exemple De...Smart Parking: Stationnement intelligent État de l’art, Étude d’un exemple De...
Smart Parking: Stationnement intelligent État de l’art, Étude d’un exemple De...
 
Smart traffic managment system real time (stmsrt)
Smart traffic managment system real time (stmsrt)Smart traffic managment system real time (stmsrt)
Smart traffic managment system real time (stmsrt)
 
Freelance,Travail traditionnel, Entrepreneuriat...Quel choix a suivre ?
Freelance,Travail traditionnel, Entrepreneuriat...Quel choix a suivre ?Freelance,Travail traditionnel, Entrepreneuriat...Quel choix a suivre ?
Freelance,Travail traditionnel, Entrepreneuriat...Quel choix a suivre ?
 
Programmation des cartes Arduino - Se familiariser avec la programmation Simple
Programmation des cartes Arduino - Se familiariser avec la programmation SimpleProgrammation des cartes Arduino - Se familiariser avec la programmation Simple
Programmation des cartes Arduino - Se familiariser avec la programmation Simple
 
Projet Radare de Recule - MANIPULATION AVEC L’ARDUINO
Projet Radare de Recule - MANIPULATION AVEC L’ARDUINOProjet Radare de Recule - MANIPULATION AVEC L’ARDUINO
Projet Radare de Recule - MANIPULATION AVEC L’ARDUINO
 
Presentation kernel - Kernel Linux - Configuration – Compilation & installation
Presentation kernel - Kernel Linux - Configuration –  Compilation & installationPresentation kernel - Kernel Linux - Configuration –  Compilation & installation
Presentation kernel - Kernel Linux - Configuration – Compilation & installation
 
Rapport Kernel Linux - Configuration – Compilation & installation
Rapport Kernel Linux - Configuration –  Compilation & installationRapport Kernel Linux - Configuration –  Compilation & installation
Rapport Kernel Linux - Configuration – Compilation & installation
 

Recently uploaded

TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...marcuskenyatta275
 
Google I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGoogle I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGDSC PJATK
 
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...ScyllaDB
 
Microsoft CSP Briefing Pre-Engagement - Questionnaire
Microsoft CSP Briefing Pre-Engagement - QuestionnaireMicrosoft CSP Briefing Pre-Engagement - Questionnaire
Microsoft CSP Briefing Pre-Engagement - QuestionnaireExakis Nelite
 
Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Patrick Viafore
 
Event-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream ProcessingEvent-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream ProcessingScyllaDB
 
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...panagenda
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024Stephen Perrenod
 
AI mind or machine power point presentation
AI mind or machine power point presentationAI mind or machine power point presentation
AI mind or machine power point presentationyogeshlabana357357
 
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxHarnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxFIDO Alliance
 
Introduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxIntroduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxFIDO Alliance
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...FIDO Alliance
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...FIDO Alliance
 
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftshyamraj55
 
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...ScyllaDB
 
Design Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptxDesign Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptxFIDO Alliance
 
State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!Memoori
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...FIDO Alliance
 
Working together SRE & Platform Engineering
Working together SRE & Platform EngineeringWorking together SRE & Platform Engineering
Working together SRE & Platform EngineeringMarcus Vechiato
 
2024 May Patch Tuesday
2024 May Patch Tuesday2024 May Patch Tuesday
2024 May Patch TuesdayIvanti
 

Recently uploaded (20)

TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
 
Google I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGoogle I/O Extended 2024 Warsaw
Google I/O Extended 2024 Warsaw
 
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
 
Microsoft CSP Briefing Pre-Engagement - Questionnaire
Microsoft CSP Briefing Pre-Engagement - QuestionnaireMicrosoft CSP Briefing Pre-Engagement - Questionnaire
Microsoft CSP Briefing Pre-Engagement - Questionnaire
 
Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024
 
Event-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream ProcessingEvent-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream Processing
 
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
 
AI mind or machine power point presentation
AI mind or machine power point presentationAI mind or machine power point presentation
AI mind or machine power point presentation
 
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxHarnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
 
Introduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxIntroduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptx
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
 
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoft
 
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
 
Design Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptxDesign Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptx
 
State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
 
Working together SRE & Platform Engineering
Working together SRE & Platform EngineeringWorking together SRE & Platform Engineering
Working together SRE & Platform Engineering
 
2024 May Patch Tuesday
2024 May Patch Tuesday2024 May Patch Tuesday
2024 May Patch Tuesday
 

WannaCry / Wannacrypt Ransomware

  • 1. WANNACRY / WANNACRYPT RANSOMWARE Prepared by: - Ayoub Rouzi - Abdelhakim Salama
  • 2. PLAN  Introduction  What happened ?  What is Wannacry / Wannacrypt ?  How many Infections ?  What happens to the victim?  How to protect yourself ?  Will Paying the Ransom Help Us?  Conclusion 2
  • 3. WHAT IS RANSOMWARE ?  “Ransomware is a malware that encrypts contents on infected systems and demands payment in bitcoins.” 3
  • 4. WHAT HAPPENED? several organizations were affected by a new Ransomware strain. The exploit ETERNALBLUE, was released in as part of a leak of NSA. May 12th 2017 April 15th 2017 March 14th 2017 Apparition of WanaCrypt0r 2.0 who is more dangerious May 22th 2017 A young white hat hacker stopped wannacry attackMay 21th 2017 A "critical" patch had been issued by Microsoft 4
  • 5. HOW MANY INFECTIONS? Estimated > 200,000 victims 5
  • 8. HOW DO SYSTEMS GET INFECTED? • E-Mail. • Infected websites. • SMB (Server Message Block) : vulnerable systems exposed via port 445. 8
  • 9. WHAT HAPPENS TO THE VICTIM? • Files with specific extensions will be encrypted. • The victim will see a ransom message asking for approx. $300. 9
  • 10. WHAT HAPPENS TO THE VICTIM? • Once all the files are encrypted: • Open a backdoor 10
  • 11. WHAT HAPPENS TO THE VICTIM? Wannacry warns the user of the encryption of these files by modificating the desktop wallpaper: 11
  • 12. HOW TO PROTECT YOURSELF 12
  • 13. WILL PAYING THE RANSOM HELP US? • There is no public report from victims who paid the ransom. • About a hundred victims paid so far. 13
  • 14. WHAT’S THE UPDATES ? 14 • Windows, Linux, Mac • More victims • More data collection

Editor's Notes

  1. Several large organizations world wide are known to be affected. Estimated > 200,000 victims according to various anti virus vendors
  2. Several large organizations world wide are known to be affected. Estimated > 200,000 victims according to various anti virus vendors
  3. Several large organizations world wide are known to be affected.
  4. Some organizations suggest that the initial infection originated from e-mail attachments Affected organizations may have had
  5. Ransomware demands will increase to $600 after 3 days. After 7 days, the files may not longer be recoverable. The ransomware will also install a backdoor to access the system remotely via port 445 (Double Pulsar, also part of the NSA tool set).
  6. Wannacry uses the discrete anonymity network to communicate with its Command & Control server:
  7. Wannacry uses the discrete anonymity network to communicate with its Command & Control server:
  8. Deploy antivirus protection Block spam Perform regular backups of all critical information Don't open attachments in unsolicited e-mails Disable opened SMB port in Microsoft Office products.