The activity of the virus WannaCry attacking more than 200 thousand users, has decreased six times, recorded by “Kaspersky Lab”. However, the malware has already appeared a few modifications
The number of attacks WannaCry recorded by “Kaspersky Lab” may 15, decreased by six times compared to the indicator of Friday, may 12, when it became known about the attack. This is stated in the message received by RBC.
According to experts of “Kaspersky Lab”, this suggests that control of infection is almost set. However there were two notable modifications that, according to the company, was not created by the authors of the original extortionist. “Most likely, they have other players cybercriminal world who have decided to use the situation to their advantage”, — stated in the message.
A new variant of malware started spreading around 4:00 GMT on Sunday and at the moment, as discovered by “Kaspersky Lab”, the victims were three users in Russia and Brazil.
The second pattern appeared on the days of the virus already knows how to bypass the killswitch (a kind of switch in the program code), which helped to stop the first wave of attacks. However it seems that this variant has spread, perhaps because of an error in the code, the report says.
Earlier, the head of the Russian practice of information security services, PwC Mr Chaplygin told RBC that the company’s experts have recorded more than 300 new strains of the virus WannaCry. He also mentioned about the three main types of modified virus, which has now managed to discover.
About new versions WannaCry reported in Group-IB. Experts of the company have confirmed the presence of at least one new type of malware, but was with it the infection, is still unknown. In Group-IB also believe that the virus did not download authors original WannaCry.
According to “Kaspersky Lab”, the virus-the extortioner began to spread on Thursday, may 11. At this moment, the company recorded more than 45 thousand attacks on users around the world. However, these data reflect only users of products “Kaspersky Lab”, that is, the actual number of victims may be more precise in the company.
According to Europol, was attacked by more than 200 thousand users in 150 countries.
Information on the global virus attack that targeted the computers with the Windows appeared may 12. The virus encrypts files on infected computers and demands to pay $300 or $600 in bitcoins for access to them. Otherwise, the virus promises to delete files within three days. Hackers have already received more than $50 million, according to data from the special website that tracks payments.
In media appeared reports that the cyber attack may be an organization, “associated with the grouping of cybercrime APT28/Fancy Bear”, which traditionally referred to the “Russian hackers”. However, Vladimir Putin has denied the involvement of Russia to the attacks.