On Tuesday, Windows computers — first in Ukraine, later across Europe and the United States — began to show users a message that looked something like this:
This is called ransomware, a relatively new form of malware that scrambles a victim’s files and then demands a payment to unscramble them.
Attacks like this have become an increasingly common problem online. Last month, thousands of computers were infected with ransomware that experts dubbed WannaCry, causing disruptions for hospitals in the United Kingdom.
Ars Technica’s Dan Goodin describes the carnage the software has caused:
It initially took hold in Ukraine and Russia, but soon it reportedly spread to Poland, Italy, Spain, France, India, and the United States. WPP, the British ad company, said on Twitter that some of its IT systems were hit by a cyber attack. Its website remained unreachable as this post was going live. Law firm DLA Piper posted a handwritten sign in one of its lobbies instructing employees to remove all laptops from docking stations and to keep all computers turned off. AV provider Avast said it detected 12,000 attacks so far. Security company Group-IB said at least 80 companies have been infected so far. Reuters also reported that a computer attack that hit Maersk, a shipping company that handles one in seven of all containers globally, caused outages at all of its computer systems across the world.
The new attack is sophisticated, making several improvements over the techniques used by last month’s WannaCry malware. The software steals credentials from victims’ computers and sends them back to a server controlled by the attackers.
Yet surprisingly, the attackers seem to have taken a lackluster approach to collecting ransom payments. That has caused some experts to doubt that the attackers were actually after money. Rather, they suspect that the hackers were trying to cause mayhem or steal data from selected targets, and that they simply used ransomware to sow confusion about the nature of the attack and who was behind it.
The latest outbreak may have been intended for destruction, not profit
Full story in article.