Kryptos Logic, the cyber-security firm running the main WannaCry sinkhole, announced today plans to allow organizations access to some of the WannaCry sinkhole data.
The security firm cites recurring WannaCry ransomware infections that are still taking place at various companies, even eleven months after the first WannaCry outbreak in May 2017.
For example,
Boeing,
Connecticut state agencies,
Honda, and
Victoria state police suffered WannaCry infections long after Kryptos Logic researcher Marcus "MalwareTech" Hutchins registered the WannaCry killswitch domain, effectively stopping the global outbreak on May 12, last year.
Unpatched systems keep WannaCry alive
Since then, new WannaCry infections have been popping at organizations here and there, while traffic to the killswitch domain has shown "little signs of slowing down," according to a Kryptos Logic.
"We estimate [...][that] hundreds of thousands of untreated and dormant Microsoft Windows infections maintain a foothold and are responsible for the residual and continued propagation of WannaCry," researchers
said today.
....
....
Massive MOVEit Leak Exposes Data from Amazon, HSBC, McDonald’s
Sodinokibi Ransomware Now Scans Networks For PoS Systems
FBI Arrests Researcher Who Found 'Kill-Switch' to Stop Wannacry Ransomware
Snatch ransomware reboots PCs in Windows Safe Mode to bypass antivirus apps
MalwareTech Arrested by the FBI on Charges of Creating Kronos Banking Trojan