A British computer researcher was able to help curb the cyber attack that reportedly affected at least 74 countries Friday, by purchasing a website address for $10.69.
A separate tech expert, Darien Huss of the cybersecurity company Proofpoint, aptly noticed that the ransomware’s web address, which included a series of random numbers and letters, ended with “gwea.com.”
Ransomware is a type of infected software designed to take over a computer system and then block access for the authorized user. Hackers encrypt information critical to the performance of hospitals or other institutions, then demand money (usually in the form of BitCoin, a digital currency) in return for the encryption password.
The British security researcher, known online as MalwareTech, investigated and found out that the corrupted online address was still available to buy.
“I saw it [gwea.com] wasn’t registered and thought, ‘I think I’ll have that,'” MalwareTech told The Daily Beast, who purchased it on NameCheap.com, a domain name registrar service.
MalwareTech decided to direct the malware and infected computer systems toward a “sinkhole” server, which gives out false information and renders computers incapable of accessing the correct site. The malware, or infected software that locks out legitimate users, would exit the server after the traffic was connected to the domain.
“One thing that is very important to note is our sinkholing only stops this sample and there is nothing stopping them removing the domain check and trying again,” MalwareTech wrote Saturday on his official blog. “So it’s incredibly important that any unpatched systems are patched as quickly as possible.”
The researcher says its important for people to update their computer software, because the cybercriminal could update the ransomware and relaunch it again to circumvent the sinkhole server.
The latest incident of hacking affected several institutions that rely on internet for critical operations, including hospitals, which experienced internal turmoil as emergency services struggled to coordinate patients and access their files. Health facilities were either forced to temporarily shut down or cancel certain examinations and processes like x-rays and radiology tests.
Send tips to eric@dailycallernewsfoundation.org.
All content created by the Daily Caller News Foundation, an independent and nonpartisan newswire service, is available without charge to any legitimate news publisher that can provide a large audience. All republished articles must include our logo, our reporter’s byline and their DCNF affiliation. For any questions about our guidelines or partnering with us, please contact licensing@dailycallernewsfoundation.org.