Ransomware UIWIX

UIWIX Ransomware. The threat of WannaCry is not over yet.

UIWIX ransomware, the evolved version of the WannaCry ransomware, continues to shock the world. WannaCry began spreading on May 12th but was accidentally stopped by a kill switch triggered by a MalwareTech researcher. However, it looks like the kill switch did not completely stop the spread but rather slowed it. Hackers have since updated the malware. The new strain is called UIWIX, and it doesn’t have a kill switch. WannaCry infected the NHS in the UK, Renault factories in France, Telefonica in Spain, as well as Russia’s second-largest mobile operator, Megafon. It held many companies worldwide hostage for ransom and disrupted their work.

How does it work?

UIWIX, just like WannaCry, hijacks the user’s system altogether and restricts access to all files until the ransom is paid. The payment is demanded in Bitcoin. So far it has been impossible to stop UIWIX, since there is no kill switch in the malware code. The only way to protect your system is to patch the vulnerability present in Microsoft’s OS.

Attackers exploit the vulnerability over the network when SMB v1 is enabled on it. Even if SMB v2 or v3 (Server Message Block protocol) is in use, attackers who can downgrade the connection to SMB v1 can still hack into the system. SMB is a file-sharing protocol that allows operating systems and applications to read and write data on a system. It also allows a system to request services from a server.
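One way to check and close the SMB v1 exposure described above on a Windows host. This is an added example, not part of the original article; the function names are hypothetical, and it assumes an elevated PowerShell session on Windows 8 / Server 2012 or later (the `AuditSmb1Access` setting needs a newer build and reads as false where it is absent).

```powershell
# Added example: report where SMB v1 is still enabled on this host.
function Get-Smb1Exposure {
    [CmdletBinding()]
    param()
    # Server side: does this host accept SMB v1 sessions?
    $server  = Get-SmbServerConfiguration
    # Optional-feature state (absent on older releases, hence SilentlyContinue).
    $feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -ErrorAction SilentlyContinue
    # Client side: SMB v1 redirector driver; Start = 4 means disabled.
    $client  = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\mrxsmb10' `
                                -Name Start -ErrorAction SilentlyContinue
    [pscustomobject]@{
        ComputerName      = $env:COMPUTERNAME
        ServerSmb1Enabled = [bool]$server.EnableSMB1Protocol
        ServerSmb2Enabled = [bool]$server.EnableSMB2Protocol
        Smb1FeatureState  = if ($feature) { [string]$feature.State } else { 'NotPresent' }
        ClientSmb1Enabled = [bool]($client -and $client.Start -ne 4)
        AuditSmb1Access   = [bool]$server.AuditSmb1Access
    }
}

# List clients that still negotiate SMB v1 with this server, so they can be
# fixed before SMB v1 is switched off. Requires auditing to be enabled first:
#   Set-SmbServerConfiguration -AuditSmb1Access $true -Force
function Get-Smb1ClientAccess {
    [CmdletBinding()]
    param([int]$MaxEvents = 200)
    # Event ID 3000 in this log records an SMB v1 access attempt.
    Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-SMBServer/Audit'; Id = 3000 } `
                 -MaxEvents $MaxEvents -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Message
}

# Turn off the SMB v1 server so a connection cannot be downgraded to it.
function Disable-Smb1Server {
    [CmdletBinding(SupportsShouldProcess)]
    param()
    if ($PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'Disable SMB v1 server')) {
        Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
    }
    # Return the resulting state so the change can be confirmed.
    Get-Smb1Exposure
}

Get-Smb1Exposure | Format-List
```

Running `Disable-Smb1Server -WhatIf` shows the change without applying it; installing the Microsoft security update is still required, since disabling SMB v1 only removes the exposed protocol.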

Prevention is better than cure

Given that the virus is unstoppable as of now, the only way to keep your network and systems secure is to upgrade your security and install the necessary updates. Here are some precautionary steps to follow for better online protection:

  1. Connecting to public Wi-Fi and then initiating a VPN connection can spread the malware severely.
  2. Do not open unknown emails.
  3. Do not download files from unknown emails.
  4. Do not click on files from unknown emails.
  5. Avoid visiting malicious websites.
  6. Show hidden file extensions. This can be changed in settings.
  7. Do not download software/apps from third-party vendors. Run applications only from trusted vendors.
  8. Ensure that your anti-virus is good.
  9. Back up your data regularly.
  10. Use system restore to get back to last known good configuration.
  11. Keep the system updated.

No one is safe on the internet. However, most of the trouble can be avoided by keeping security measures up to date. Cyber security is crucial to companies, and sophisticated tools need to be put in place. Logix Infosecurity brings the latest tools and software to keep your organization safe.
