WannaCry

lore

securityops culture

The 2017 ransomware worm that spread through a leaked Windows exploit and crippled systems worldwide.

It used the EternalBlue SMB exploit to self-propagate, encrypting files and demanding Bitcoin, and hit hospitals, factories, and rail networks within hours. A researcher's accidental discovery of a kill-switch domain slowed it, but not before it caused billions in damage.

Also known as: WannaCry, WannaCrypt, WCry

Sources

  • Widely documented (May 2017); NCSC/US-CERT advisories

All glossary entries