c-epa-h_53514815-Ritchie Tongo

How two URLs stopped the global ransomware attack from spreading

2

Just two URLs are keeping the global ransomware attack from spreading further.

Published   |  Photo by EPA/Ritchie Tongo
c-epa-h_53514815-Ritchie Tongo
2

The WannaCry malware started to spread on May 12 locking computer files and demanding money to unlock them.

c-epa-h_53514815-Ritchie Tongo
2

So far, it has infected 200,000 computers in 150 countries 🌎.

c-epa-h_53514815-Ritchie Tongo
2

But on the day that the attack started, a cybersecurity researcher found a domain name in WannaCry’s code. When he registered it, the malware stopped spreading.

c-epa-h_53514815-Ritchie Tongo
2

But since then, variations of the malware started to appear 💣.

c-epa-h_53514815-Ritchie Tongo
2

When looking into one of these variations, another cybersecurity expert found a second domain name. By registering it, it stopped the malware from spreading.

c-epa-h_53514815-Ritchie Tongo
2

Thanks to the domain names hidden in the code, the number of machines spreading WannaCry went from 84,179 on May 14 to only 418 on May 15.

Published

Check out more stories below—and please take a quick three-minute survey to help us improve.

Share this story

home our picks popular latest obsessions search