Reports of Fake WannaCry Ransomware Are On The Rise

According to the U.K.’s national reporting center, ransomware is one of the most dangerous forms of cybercrime known today. A warning has been issued to the public about the rise in these types of fraudulent activities, where ransomware takes over a system after an unsuspecting user falls prey to a good looking phishing site. Even non-techie people have likely heard about the WannaCry attack from 2017, when a cryptoworm targeted computers running a Windows OS by encrypting their data and demanding bitcoin payment for its safe return. While the world has not actually seen such a sophisticated bit of ransomware since WannaCry, the mere thought of it is still enough to strike terror into the minds of users. Hackers understand this fact and have subsequently devised new ways to play on the fear of unsuspecting individuals by simply suggesting WannaCry is in their system.

Increase in Ransomware

We have watched ransomware successful breach systems for a while now. And each time, it is always a bit of a shock. Fraud experts claim to have seen more than 300 reports about email scams which fool people into clicking malicious links embedded in their messages. Because these communications are drafted to appear safe and trustworthy, users often hit the button with nary a concern for their own security. But when their files suddenly disappear, and they can no longer access their own information, the truth becomes clear; they will need to pay up if they hope to ever see it again. It’s pure extortion at its best—or worst, as the case may be—and people often fall for it.

“The WannaCry emails are designed to cause panic and trick people into believing their computer is infected with WannaCry ransomware,” Action Fraud said in an alert. In reality, the phishing site has only feigned to steal their data, thereby creating the same level of panic as a real ransomware attack. “In reality, the emails are just a phishing exercise to try and extort money. The emails claim all of your devices have been hacked and your files deleted, that is until you pay a fine to the fraudsters in Bitcoin,” the report goes on to say.

WannaCry was first reported last May 2017, and around 250,000 computers across 150 countries were affected. The worst damage impacted 1/3 of National Health Service as well as 600 independent practitioners, all of which shut down an estimated 20,000 different operations.

Action Fraud has been called upon several times already to warn U.K. citizens of scams using WannaCry as bait, although most of their cautionary advice came after the attacks were already felt. In addition to this threat, phishing emails posing as the British multinational telecommunications holding company, BT Group, also urged users to click a security update confirmation to protect themselves from attack. But the emails were spoofed and fooled many users into making the fateful mistake.

The agency Action Fraud has already warned the citizens of UK to stay away from such bait. People and organizations need to be careful about being lured in by convincing URLs and emails. Users should always confirm the URL is the same as the one they intend to click instead of one that just looks and feels the same. “One victim fell for the scam after calling a ‘help’ number advertised on a pop-up window. The window which wouldn’t close said the victim had been affected by WannaCry Ransomware,” Action Fraud said. “The victim granted the fraudsters remote access to their PC after being convinced there wasn’t sufficient anti-virus protection. The fraudsters then installed Windows Malicious Software Removal Tool, which is actually free and took £320 as payment.”

Crime and Crypto

As NewsBTC reported in March, cryptocurrency is beginning to play a key role in certain types of cybercrime, accounting for up to 27% of all attacks. In January 2018, hackers broke into a cryptocurrency exchange called Coincheck Inc. and made off with nearly $500 million in digital tokens. As one of the biggest cyber heists in history, the hack has raised questions about the security of cryptocurrencies around the world.

The second largest group of victims of cybercrime where regular people and businesses. According to the cybersecurity firm Carbon Black, these attacks made up 21% of the total crimes involving cryptocurrency. The most common method used is a ransomware like WannaCry, although there are others like “cryptojacking,” which is an illegal form of mining.

According to Helge Husemann, Product Manager for the internet security firm Malwarebytes, cryptojacking as a form of cybercrime has been on the rise. Just last year, YouTube experienced a threefold increase in illegal coin mining via malware-embedded ads.  Husemann also notes that Showtime, Browsealoud, as well as some U.K. Government websites, have fallen victim to illegal mining scams. Some of these incidents went undetected for several months, netting hefty profits for the masterminds of the attack.

On average, Husemann suggests Malwarebytes has been blocking eight million malicious mining attempts per day, equating to an astonishing 248 million per month. According to him, “The illicit gains from illegal crypto mining contribute to financing the criminal ecosystem, costing billions of dollars in losses and disruption of business services from compromised assets.”