Notifications

There is a new, nasty piece of malware in the wild wreaking havoc on tens of thousands of computers running Microsoft Windows worldwide.

The official website of Avast Antivirus is one of many reporting that that the worm — dubbed WanaCrypt0r 2.0 — uses an exploit revealed last month in a cache of NSA-sourced hacking tools.

WanaCrypt0r 2.0 is what is known as “ransomware,” which encrypts the storage of a given computer and displays a lock screen preventing you from using your computer. The name comes from demands for payments displayed on the lock screen, which often increase as time passes without the computer owner paying the ransom.

The new worm initially proliferated among the National Health Service in the United Kingdom but has since spread to over 57,000 computers worldwide.

To avoid getting hit, the usual advice applies:

  • Don't click links and/or download/open attachments from suspicious emails, people you don't know, etc.
  • Look closely at the sender field of emails. The display name may match a person you know or a service you use, but the address may not (still, addresses can be faked, so this is not foolproof).
  • Look closely at the actual address in links by hovering your cursor over the link and looking at the address it shows in your browser's status bar. This can be messed with in some ways, so again, be careful.
  • Keep Windows as up to date as possible, turning on automatic updates for critical updates like security patches.
  • Run a known good antivirus program downloaded from its actual, official website.

To remove ransomware, PC World has a comprehensive guide.