The WannaCry ransomware – made famous in May 2017 when it infected devices around the world and even got into NHS devices, causing operations to be cancelled – looks to have made a return, though all is not as it may first appear.
Some unlucky device owners have reported being sent an email that will look fever-inducingly familiar to anyone who has previously found their systems infected. It claims “WannaCry is back” and that “information will be encrypted and then erased” unless a ransom of 0.1 Bitcoin (£504) is paid. As is commonplace with these attacks, the email also warns users that deletion of the malware will also cause deletion of their encrypted data.
What’s more, the message even claims the malware has threaded its way across a user’s entire network, meaning data saved on computers, external hardware and mobile devices has all been impacted.
However, these threats don’t quite match up to reality. In fact, WannaCry isn’t back at all, and those who were presented with this message didn’t have any malware on their devices whatsoever. Instead, it’s a scam that relies on the fear of being hacked and the familiarity of a well-known name in the world of cybercrime.
As Graham Cluley explained on his blog: “Someone is trying to pull a fast one, attempting to trick unsuspecting users into paying a ransom… even though they haven’t infected your computer with ransomware.
“They couldn’t even be bothered to write the malware!”
The audacity of this attempt at cyber extortion is almost comical – though it’s worth noting that some people could still be fooled. The WannaCry name is reasonably well known after it topped news bulletins around the world, so that alone could prompt a reaction from the not-so-savvy recipients of this fraudulent email.
As Cluley concluded: “it makes sense for everyone to follow security best practices, keep your anti-virus updated, and [your] systems patched.”