Advertisement Advertisement

Quick Heal identifies 48,000 WannaCry Ransomware attack attempt



Quick Heal Technologies has announced that it has detected over 48,000 MS-17-010 Shadow Broker exploit hits responsible for “WannaCry Ransomware” outbreak in India. A dump of MS-17-010 Windows OS vulnerability was made public by the notorious Shadow Broker group on 14th April, 2017. This vulnerability affects most desktop and server editions of Microsoft Windows


Among the attempted attacks by the malicious WannaCry ransomware, 60% were targeted towards enterprises and 40% towards individual customers. Quick Heal and its enterprise security brand, Seqrite, successfully detected this ransomware activity and cleaned the malicious file responsible for file encryption from all the attacked systems. The top five cities impacted by the WannaCry ransomware in India are Kolkata, followed by Delhi, Bhubaneswar, Pune, and Mumbai. The top five states with maximum detections are West Bengal, Maharashtra, Gujarat, NCR (Delhi), and Odisha. The company received over 700 distressed calls regarding the spread of this ransomware.


Sanjay Katkar, MD & CTO, Quick Heal Technologies, said, “This ransomware outbreak has brought to the fore the importance of robust cybersecurity solutions for individuals and businesses alike. Cybercriminals are not discriminating while attacking and spreading malware. India is getting hit hard by such attacks as India has a large number of Windows users who do not have proper security patches applied and rely on inadequate internet security. Our observation is that the attack is not focussed towards any particular industry, but it is widely spread across industries especially those organizations which are online and connected. In the last few days, we have received distressed calls from customers belonging to verticals like education, banking, financial, manufacturing, healthcare and even from few services sectors.”


Soon after the ransomware attack was spotted, Quick Heal Security Labs issued an advisory informing customer on ways to reduce the risk of infection by WannaCry Ransomware. The company recommended that all Microsoft patch updates are applied for vulnerabilities used by this ransomware. Quick Heal has also organized a webinar to educate businesses on how to protect their organization from the WannaCry Ransomware on May 17.


Earlier this month, Quick Heal Security Labs released Quick Heal Threat Report for Q1 2017 and had detected 10 new ransomware families in Q1 itself. The report had predicted evolution of ransomware and increase in ransomware attacks in the coming quarters.