June 01, 2017
The WannaCry ransomware attack was one of the worst and largest ransomware attacks in the history of cyber crime. Even as the world tries to recover from it, the situation keeps getting worse. Now there are reports of fake patches for the ransomware available on the internet and people are falling for it.
When the WannaCry ransomware hit many users were scrambling for fixes, but some of the proffered solutions were actually just more malware in disguise. Security experts recommend that companies stick with their existing security vendors and established update processes, and be careful about downloading fixes that they come across on the Internet.
The Wannacry attacks dust is yet to settle and hackers are using this to cause more mayhem. For example in the UK, where the National Health Service was hit hard by the virus, users received an email purporting to be from BT that asked them to click on a link to confirm a security upgrade.
Another phishing email pretended to come from LogMeIn Inc. According to a blog post by the company, this email told users that they were already infected with WannaCry, and needed to update their LogMeIn software by clicking on a link that seemed to go to the official site. The return address showed "LogMeIn.com Auto-Mailer" for the name -- but had an actual return address that was a string of random characters.
Not only online, but there are apps in the playstore which claim to protect android devices from Wannacry. McAfee labs said in a blog post that there were at least 30 apps that were claiming to protect android devices from WannaCry, while in truth WannaCry only affects windows devices.
“While searching for “WannaCry” on GooglePlay we found several new apps. Most are guides—web views, images, or text reminding us to patch Windows, as well as jokes and wallpapers. However, a few apps claim to “protect” Android devices against this Windows-only threat,” said Fernando Ruiz, a security researcher at McAfee labs.
All security patches are made through over the air updates. Most of them don’t even have to be downloaded and are included in the software updates. Although in some cases it like windows releasing a patch for XP is posted on the company website, none of them are available online through third party vendors. It seems like the security folks still have a lot of work to do on this end.