A British computer nerd was able to run a fairly simple hack to end the global ‘ransomware’ cyber-virus that was taking down servers and computers in major hospitals, businesses, and government agencies across the globe.
The hacker registered a new domain for ten dollars and was able to reroute the virus to a ‘sinkhole’ server, leaving it unable to find a legitimate target. The virus was forcing victims to fork over a minimum of $300 or face deletion of critical data.
Here’s more from Daily Caller…
A British computer researcher was able to help curb the cyber attack that reportedly affected at least 74 countries Friday, by purchasing a website address for $10.69.
A separate tech expert, Darien Huss of the cybersecurity company Proofpoint, aptly noticed that the ransomware’s web address, which included a series of random numbers and letters, ended with “gwea.com.”
Ransomware is a type of infected software designed to take over a computer system and then block access for the authorized user. Hackers encrypt information critical to the performance of hospitals or other institutions, then demand money (usually in the form of Bitcoin, a digital currency) in return for the encryption password.
The British security researcher, known online as MalwareTech, investigated and found out that the corrupted online address was still available to buy.
“I saw it [gwea.com] wasn’t registered and thought, ‘I think I’ll have that,’” MalwareTech, who purchased it on NameCheap.com, a domain name registrar service, told The Daily Beast.
MalwareTech decided to direct the malware and infected computer systems toward a “sinkhole” server, which gives out false information and renders computers incapable of accessing the correct site. The malware, or infected software that locks out legitimate users, would exit the server after the traffic was connected to the domain.
“One thing that is very important to note is our sinkholing only stops this sample and there is nothing stopping them removing the domain check and trying again,” MalwareTech wrote Saturday on his official blog. “So it’s incredibly important that any unpatched systems are patched as quickly as possible.”