The recent internet scams were labeled “Amateur Hour.” The “Wanna Cry” attack was very poorly coded attack. Nonetheless, it shut down hospitals, railways, ATM’s and caused more havoc worldwide than all other recent internet scams.
The code contained a specific footprint. That footprint helped identify where the attack originated and who was behind it. A group called the Shadow Brokers stole files last April from the National Security Administration (NSA). Then, they posted them on the internet. Previous evidence links this group indirectly with North Korea.
The stolen software was the “EternalBlue” exploit. Eternal Blue was a US government cyber weapon. It exploited software flaws in Microsoft Windows. Using this software enabled the “Wanna Cry” attack to spread quickly.
Recent Internet Scams – The WannaCry Attack
The statement issued by the FBI on May 13, 2017 describes the attack as a widespread ransomware campaign. It affected tens of thousands of computers in 99 countries. These countries included the United States, United Kingdom, Spain, Russia Taiwan, France and Japan.
On May 12th shortly after 9:30 am, the MalwareHunterTeam spotted a malware. In roughly 4 hours it started invading Britain’s healthcare services.
The speed at which this attack moved has been one of Apples concerns. Tim Cook expressed concerns about the government having access to their platform.
It started when the FBI wanted Apple to allow them to access their operating system. Tim Cooks refusal to help the FBI. He clearly cites concern that every time the government is allowed to hack software, it always falls into the hands of the bad actors.
Microsoft Blames The US Government
Microsoft has blamed the attack on the NSA for developing the EternalBlue exploit. It was the code that the hackers used in creating the Wanna Cry ransomware attack. This exploit uses windows along with a worm to infect computers. Sadly, without the necessity of a user doing anything such as clicking a link.
Microsoft was criticized as well. They stopped updating security to their older software, unless the owners purchased additional updates. It was a type of ransom in itself that caused serious security flaws with many computers.
According to Tass Russian News Agency, Russia reported some attacks on their railways, but claimed it did not affect operations of the trains.
British Researcher Finds “Kill Switch” For The Wanna Cry Virus
Recent Internet Scams – Ransomware on Steroids
Usually Ransomware comes in the form of an email with and attachment. Once opened, the virus infects the computer. Unfortunately, the addition of the EternalBlue code infected computers without the normal link clicked.
This normally does not happen if the computer is protected with good security software and updated regularly. The problem lies in older software without the latest updates.
Some older software still being used is no longer updated by Microsoft.This is the reason Microsoft Windows 97, Vista and Windows 8 and 9 got hit hard.This attack also affected US medical devices as well.
The Botched Ransom Payments
When the ransomware becomes active, it encrypts all the data on the hard drive. The encrypted data needs a key to remove the encryption. When the ransom payment was made, a key would be provided. However, there are never any guarantees.
Bitcoins is normally the payment of choice by the scammers, because it is hard to trace. However, in this case the hackers actually made some mistakes that allowed for easier tracking of the Bitcoin payments.
In the case of the Wanna Cry, it was a manual procedure to make payments. It would have been impossible to restore hundreds of thousands of computers in 7 days manually. As a result, payments would not have been paid in time.
The Ransom
The “Wanna Cry” ransom payment amount was .1781 bitcoins, or roughly $300 US. Victims would have to pay to have the files unlocked. After 3 days, it increases in cost to $600.The data would be permanently deleted after 7 days.
NSA Defector Edward Snowden Blames NSA
Helpful Hints to Prevent Such Attacks
- Always use website security software and keep it updated.
- Make sure you have the latest updates installed in your operating system.
- Never click on links in emails you are not familiar with.
- Look carefully at unusual emails, and send an email to ask if it was send by the person.
- Frequently back up your data and store it off-line.
Recent Internet Scams and the Lazarus Group
Where are these attacks coming from? Who is responsible? In February 2017, the Polish media blamed a “notorious group of hackers” for numerous malware attacks on banks.
They didn’t name them, but they were referring to a group now known as the Lazarus Group. The Lazarus Group were notorious for cyber bank attacks.
One attack in particular was the $81 Million heist of the Central Bank of Bangladesh in early 2016.
Kasparsky has done an extensive amount of research of the malware used by this group. This research has given Kasparsky the ability to block all malware used by this group to date.
Cryptowall and Cryptolocker
The Wanna Cry attack is just one in many ransomware attacks. Cryptowall and Cryptolocker are probably the most well known. Cryptolocker would take away the users ability to operate the computer. The only way to restore the computers function, was payment of a demanded ransom.
I am well aware of that malware, being a victim myself. Anyone refusing to pay ransom had their computer locked. And, the stored data is inaccessible.
It is a helpless and frustrating experience. If I had backed up my data, then I could have wiped the computer clean and reloaded my files. Read my article Internet Scams That Lock Your Computer
Sometimes FBI Recommends Paying the Ransom
But, what do you do if you have important files that you must try to recover?
If you haven’t backed up your files, then FBI recommends paying the ransom! If you have no other choice, what else can you do? They recommend you back up your files first, but if you didn’t…then you can always pay.
There is no guarantee you will get your data back, but maybe you will?
A part of code used in the Wanna Cry attack resembled code used in the Hangman Malware. It was a malware virus that appeared in 2014-15.
The Hangman Malware” virus was the code used by the Lazarus Group. And the Lazarus Group has known ties to North Korea as their point of origin.
Sixty-one percent of malware samples were linked to the Lazarus Group. They contained Korean PE locality or Korean language. No-one is making any outright claims, but the clues point to North Korea.
Analysts reported that the system the hackers used made it impossible to know who paid the ransom. Apparently,the ransomware was not correctly set up for profit.
Then, what was the real reason for the attack? If it wasn’t money, the purpose could have been simple terrorism. The sole purpose was to ultimately cause as much widespread destruction as possible.
Wanna Cry – The Most Widespread & Contagious Virus Yet
This attack spread quite quickly and infected the largest number of countries and computers to date. Using the “EternalBlue” code enabled the rapid spread of the attack.
It was a self-replicating event that quickly. These recent internet scams caused an alarming amount of worldwide disruption. The only flaw in the wanna cry attack may have been one simple fact. The hackers only knew how to make the “EternalBlue” code work.
When more sophisticated hackers refine the next attack, the world can expect much worse.
This is only one of the recent internet scams. It serves as a wake-up call for us all, we can expect more. Keep your computers protected and back-up data.
It may be a time consuming inconvenience to delete malware. And reloading your data from backup sources, can be a pain. But, that is far better than to lose all of it forever. Paid ransoms are definitely no guarantee you will get your data back.
The hackers involved, received an estimated $100,000 in paid ransoms. Worldwide financial and economic loss estimates exceeded 4 billion in US dollars.
This was not a success for ransom payments. Nonetheless, it certainly raised havoc and caused worldwide damage. It demonstrated just how vulnerable our software systems really are.
Don’t put yourself and your computer or even phone at risk. Update often, and don’t click on any link or pop up ad you don’t recognize.
Learn more about scams in my article Scams and Frauds.
If you have any questions or comments, please leave them below.
Chas
Live life on your terms
Covid 19 has ravaged the world causing the death of tens of thousands compromised family members and tens of millions of people worldwide. Millions of people in the USA have been thrown out of work do to no fault of their own. This has caused workers to rely on temporary state aid, and forced many from their homes. Something like this is how your life can be turned upside down in an instant. It doesn’t have to be that way
This stark reality is why creating your own business is so important now more than ever. Affiliate Marketing is something that cannot be taken away. Online business is thriving because people are shopping online more than ever!
There has never been a better time to cash in on this lucrative business and create your own financial Independence with online marketing.
Be your own boss, start your journey to financial freedom today.
I am Chas, creator and founder of Help For Scams And Frauds. I started affiliate marketing and earning money online in 2015. And I can tell you, anyone can do this. But, in order to build a business the right way you must have the right training and avoid the get rich quick schemes.
Check out my #1 Recommendation For The Best Online Training in 2024
Thanks for this. This is a wake up call for me, because many times I don’t back up my data. I never gave it a thought that my site can be hacked and I could lose everything to ransomware.
I will have to get a backup hard-drive to prevent such a nasty occurrence.
There is no need to entertain a problem that could be avoided. I will now have to save all my files and data to a external hard-drive. This will also be good if I have a computer failure.
I have also learned that clicking unknown links, particularly in emails, should also be avoided. This article has really taught me so much today.
Hi Kenechi,
I am glad that the article has helped you, You will never regret getting a back up hard-drive. On like My Passport works in the background keeping all your data backed up. You don’t have to do anything but plug it into your computer and set it up one time.
Yes, clicking links you don’t recognize can take you to a hackers site.
Thanks for leaving a comment,
Chas
I really want to commend you for taking out time to write this article on Recent internet scam. I think who ever was involved in creating amateur hour and or wanna cry attack was trying to send a message. Though, I was not really aware of this problem but I want to say that those that had their anti virus updated shouldnt be attacked by this virus. More reasons to always update antivirus
Hi Barrywesley,
Thank you. The suspected culprits are the North Koreans. It is a good idea to keep current antivirus software programs operating, but it is more important to always update you computer software with the manufacturers security updates whenever they release them.
Thanks for leaving a comment,
Chas
Thanks for providing the helpful tips to prevent ‘The Wanna cry” and “ransomware attack”. I am Learning of the Lazarus attack on Sony, and the viruses malware of Cryptowall, and Cryptolocker for the first time.
So sad that some people are using their knowledge and skills to perpetrate evils. The news about the attack ‘The Wanna Cry” was worldwide. In a situation like this, everybody plays defensive.
As a computer professional, it is my duty to make sure my software on my system are up to date. However, the tech giants exploit users by always releasing a newer version of the product and increasing cost for purchase. This might not be convenient for most people.
On the subject of ransomware, one does not have a choice but to pay the ransom demanded. Paying with bitcoin with no trace of identifying the hawker make it more painful. Everybody just needs to be more security conscious with information.
Hi Tolu,
Thank you for the kind words. All three of those attacks were suspected to be the result of North Korea cyber Attacks. You can read more in my article The Wanna Cry And North Korea Cyber Crimes.
Sometimes the newer software is so different and better in many ways, especially security, that is is worth the increased cost to keep you computer safe.
I have to recommend backing up your data with a external hard drive like My Passport to keep a copy of your data. Then, you don’t need to pay ransom, you have your data backed up.
Thanks fo stopping and leaving a comment,
Chas
Hi Chas,
Your article Recent Internet Scams, reminded me of the importance of using website security software. I realized how uninformed I am about this topic and probably I am not the only one unaware of this situation.
I think your website will keep people informed and offer precautions about these internet scams. What amazes me the most is that I have never heard about this Wanna Cry Virus Attack. I even looked up my country to see if it was affected by it, and apparently it was. However, it seems that is wasn’t as bad or as widespread as it was in other countries.
I am looking forward to read more about this topic, learn and spread this information. Thank you for helping us to be safe online!
Hi Mariana,
Thank you for your kind words. many people are unaware of the pitfalls of not having their computers properly protected. I will certainly try to keep people updated on the dangers, and offer help whenever I can.
Some countries were not affected as badly, because they kept their computers updated with the newest security updates. Microsoft even offered an update to the windows 7 program, in response to the Wanna Cry Virus attack.
You can read more about the Wanna Cry attack here The Wanna Cry And North Korea Cyber Crimes
Thank you for leaving a comment,
Chas
I am really happy that I have never fallen victim to these computer hacks in Recent Internet Scams. I did not really realize how serious it was until after reading this post. The people doing these are normally very difficult to find due to their skills and can commit havoc from inside their bedrooms.
It is really strange how they do this and the fact that they can even have a country shaking shows just how dangerous they are.
I make use of a Windows 7 and cannot upgrade to windows 10 due to my laptop not been able to see the wifi of my phone when in windows 10. I just hope I never fall victim to these online hackers like the Wanna Cry Virus..
Hi Jay,
If you keep your computer updated, you will stay much safer. These guys are sometimes employed by foreign governments to hack computer around the world. You can read more about that in my article The Wanna Cry And North Korea Cyber Crimes
If you are using windows 7 you must realize they stopped updating windows 7 and that Increased the spread of the Wanna Cry virus. You should think about purchasing a newer device that has the windows 10 software installed. Thanks for the comment,
Chas
Excellent job here Chas. This has got to be the most detailed article about a cyber attack I have ever read. I have experienced malware attacks a few times- as they picky backed on what I thought was a secure download- but otherwise I have been fortunate, and have not lost or revealed any information to these ‘actors’ as you say.
Were you effected by the WannaCry attack? I know it impacted people around the world, but did it impact you personally? Also, what sort of virus protection do you recommend? I use McAfee, Spybot Search an destroy as well as Malwhere bites. Are there any other programs that are better?
Cheers!
Hi Dar’ie,
Thank you! Malware is attached to files that are downloaded. You need antiviral software that checks files before you download them.
I was not affected by the Wanna Cry, because I always keep my computer updated. Microsoft issued an update just weeks before it hit, and everyone that updated was safe.
I have the updates scheduled for automatic install and I ask to be notified and ask permission. That way, I know if they cause any problems with my computer. I know one update for windows took all weekend to install once.
I like Kaspersky total security, they have protected me well. I have not lost anything with them.I had AVG and lost a computer. I am not a fan of McAfee, or AVG, got malware with both of them, and I am not familiar with Spybot. I did have Malware bites, it was ok. But I got K total security, they protect me from malware. One program for everything.
Thanks for the great questions, and comments,
Chas
Hey, these are known issues. Everyone needs to update any computer in order to be well equipped with the right means of keeping our computer protected. It is saddening to see that these hackers were paid ransoms to the tune of $100,000 leading to a huge financial loss worldwide.
Your tips on how to prevent the Wannacry attack are great, making sure one has latest updates installed in the OS is a great way of fighting virus and malware. Frequent backing up of data might look daunting, but it is the surest way of keeping one’s data safe.
Your post is quite an insight to what is happening in cyberspace.
HI Gracen,
Well, it was devastating when the Wanna Cry virus hit worldwide. The $100,000 that they wanted turned out to be less, only because they didn’t program the payments properly. They really didn’t make much money for a world wide ransom malware attack.
Yes, the updates Microsoft puts out are important, but Microsoft has stopped updating some software because it is too old. Up dating your data can be easy with a back up hard drive.
Thanks fo leaving a comment,
Chas
Hello Chas, this is an exhaustive and helpful article indeed! I must commend you for taking your time to experience every action to revealing these internet scams on WannaCry and others. It’s actually an helpful reminder for all of us computer users to keep our systems up to date and anti-virus / anti-malware software up to date as well, as it common to us even me, not taking timely note of any latest update on our anti virus softwares. I really like being informed as it helps not being a victim of such. Thanks for sharing this helpful information and hope the government is really looking for a helpful way out of all this?
Hi Topazdude,
Thank you. I do want people to understand the devastating affects of not updating their computers. That is what spread the Wanna Cry virus, simply not updating their computers.
Good antiviral software is a must in all computers as well. I am glad you found some helpful advice in Recent Internet Scams. If you want to learn more about the Wanna Cry virus, read The Wanna Cry and North Korea Cyber Crimes.
The United States actually unwittingly contributed to the Wanna Cry attack. They created military attack software called eternal blue, that was hacked and posted online, then used to build the program for the Wanna Cry virus.
The government doesn’t do anything for the viruses, the people like Microsoft who sell the software, figure out how to protect our computers, along with the people who sell the antivirual software programs.
Thanks for your comment,
Chas
Hi Chas,
Thank you for the thorough information on WannaCry and others. It’s a great reminder for all of us computer users to keep our systems up to date and anti-virus / anti-malware software up to date as well. These attacks are highly burdensome to our economy and cause great damage to those impacted. I wish we had better ways of tracking and stopping these before so much damage is done. Do you know what the government is doing to prevent cyber attacks?
Hi Kris,
I am just glad to see others take heed and realize the importance of updating their software! That attack was nasty at the time it affected hospitals and government services in 150 countries!!
There are people trying to watch out for things like this, but this one was a matter of days in developing and spreading like wildfire.
I don’t know what the government is doing, and they may not tell us much about their security. However the Internet Security Companies like Karspersky are deeply involved and have dramatically improved their security by studying the WannaCry virus. They actually have technology that restores their code when ransomware changes it. Pretty cool, huh?
Thanks Kris, for stopping by and leaving a comment!
Chas
These are some very important issues that I haven’t really got my head around in the past quarter. I really wanted to know about it and I think I just found the right website with the appropriate article to learn about them.
Thank you so much for researching about this issue and sharing it with us.
Glad you liked it, the WannaCry was a nasty virus. It was one that could have been prevented by updates being available at the time. Maybe the software manufacturers realize the importance of keeping their products updated now. always update your software!
Thanks for stopping,
Chas