One reason that the damage of Ransomware "Wanna Cry" was less in Windows XP is "Blue Screen of Death"


ByAcid Pix

Ransomware widespread worldwide in May 2017 "Wanna Crypt (Wanna Cry)About the Windows XP environment as soon as possibleResearchers release "Wannakey" decryption toolA response was taken to do. In that process, in the Windows XP environment, it seemed difficult to infect WannaCry in the first place, but one of the reasons was that in Windows 10,Blue Screen of DeathIt seems it was.

Wanna Cry: Two Weeks and 16 Million Averted Ransoms Later
https://blog.kryptoslogic.com/malware/2017/05/29/two-weeks-later.html


Windows XP computers were mostly immune to WannaCry - The Verge
https://www.theverge.com/2017/5/30/15712542/windows-xp-wannacry-protect-ransomware-blue-screen

Windows XP was released in 2001, OS shipped in late June 2008, extended support also completed in April 2014 OS. For this reason, security measures are not thorough and calls for transition to a successor OS / alternative OS are called for.

Attention accompanied by termination of Windows XP support: IPA Independent Administrative Institution Information-technology Promotion Agency
https://www.ipa.go.jp/security/announce/winxp_eos.html

Wake up there, it is a big trend of Wanna Cry in May 2017. The extent to which this was an emergency is to distribute patches to Windows XP, which Microsoft has been discontinued.

File encryption · ransom demand "Wanna Cry" is pandemic worldwide and emergency patch is distributed to Windows XP, and it enters an abnormal situation, present situation & countermeasure summary - GIGAZINE


However, according to Kryptos Logic, a computer security company, I found that there was more "immunity" to WannaCry than I thought of Windows XP.

Wanna Cry "MS 17-010"It spreads out using the vulnerability of Windows file sharing system called Microsoft Windows SMB server, but when Kryptos researcher tried to infect Wanna Cry against Windows XP, Failure or "Blue Screen of Death" occurred. It is an unspeakable story that the blue screen which is only a presence pulling legs in everyday use was also interfering with the installation of the Ransomware. Incidentally,Decryption tool "Wannakey"As the creator did, copy the binary of WannaCry and run it locally, it will be infected even with Windows XP, so be careful.

The Verge pointed out that it agrees with the results of the Kaspersky Laboratory survey that Windows XP was "insignificant" by WannaCry OS infection number.


Expansion of WannaCry infection is being held back by the discovery of "Kill Switch", but Kryptos's survey shows that there are quite a few infected PCs still in China. The background is that many pirated OSs are used, and the usage rate of Windows 10 is low.

in Security, Posted by logc_nt