Wannacry : El ransomware que hizo temblar al mundo

Seguramente habéis sido testigos del  fenómeno wannacry . Un malware que afectó a miles de máquinas en el mundo e hizo bastante ruido en los medios de comunicación. Muchos hablaron de ciberguerra , de caos cibercriminal , etc … Pero cuando el horno aún está caliente hay muchas aproximaciones . Por esa misma razón decidí estudiar un poco  la cosa y no dar una opinión precipitada.

Hoy vamos a hablar un poco de qué es wannacry , de por qué es tan particular, y por qué ha generado tanto pánico. Wannacry es un ransomware cuyo objetivo es de cifrar nuestros archivos (Documentos y ficheros multimedia en general ) , y a continuación pedirnos una suma de dinero para poder recuperarlos. Hasta aquí nada del otro mundo , ese tipo de estafa existe desde hace muchos años. Pero en general los ransomwares son enviados por mail a través de campañas de phishing o ingeniera social . La diferencia en el caso de wannacry es que utiliza una vulnerabilidad en el protocolo SMB de windows para infectar a las máquinas . Para explotar dicha vulnerabilidad , utiliza artilugios (Eternalblue y Doublepulsar) procedentes del arsenal de herramientas de ciberataque de la NSA , filtrados hace poco por un grupo de hacking denominado Shadow Brokers.

Ya que dichas herramientas son públicas , cualquiera puede utilizarlas . Hasta el día de hoy hubo más de 400.000 máquinas infectadas en más de 100 países . Grandes infraestructuras como hospitales , empresas o colegios  no han escapado a los tentáculos de wannacry.

Nada… eso solo afecta a empresas… no corro ningún riesgo…

“Claro que sí guapi” . Yo pensaba lo mismo hasta que decidí probarlo . La verdad es que me quedé un poco sorprendido por lo fácil que es realizarlo. He olvidado mencionarlo antes , pero por lo visto solo afecta versiones anteriores a windows 8 , como xp , vista , windows 7 o windows server 2008 .

La NSA tenía ese exploit desde el año 2011 . No sé vosotros ; pero a mi me pica un poco el cuerpo saber que lo han tenido tanto tiempo en secreto . Wanncry hizo tanto ruido que Microsoft decidió sacar un parche para versiones de windows a las cuales ya no daba soporte , como windows XP por ejemplo.

¿ Pero quién utiliza windows 7 o XP en 2017 ?

Caution con esa pregunta porque aún se sigue utilizando windows 7 y windows xp en muchas infraestructura . Para verificarlo yo mismo, solo tuve que bajar un momento a la calle y entrar en varios establecimientos como farmacias , hospitales , bancos , tiendas , cibercafés y darme cuenta de que más de la mitad utilizaba las versiones de windows afectadas .

Para los que están interesados en probar el exploit , les invito a leer este pdf redactado por Sheila A. Berta (@UnaPibaGeek) , en el que explica paso a paso y de forma detallada cómo funciona eternalblue y doublepulsar .

¿ Pero quién ha lanzado el ataque ? Seguro que Son los rusos…

Hay que ser muy prudente a la hora de buscar el o los culpables , sobre todo cuando es un tema tan importante como la cibercriminalidad . Hasta ahora , ninguna persona o grupo ha reclamado seriamente ser el autor del ataque , por lo cual no se puede acusar a nadie.

Como wannacry no ha tocado a mi puerta , fui a buscarle . Lo descargué y lo ejecuté en una maquina virtual y en pocos segundo tenía todos mis documentos cifrados y una maravillosa ventana de advertencia . No puedo decir que no me lo esperaba 🙂 . Para descifrar los archivos secuestrados , ya existen herramientas como wannakiwi .

Este suceso ha sido una catástrofe para muchas empresas , pero quizás algunas de ellas acentuarán la actualización y la seguridad de sus sistemas informáticos.Todo esto no habría ocurrido si agencias gubernamentales no aguardaban vulnerabilidades secretas para intentar utilizarlas .

Hay muchas empresas que venden herramientas para solucionar el problema , pero el antídoto más barato y eficaz para Eternalblue y Doublepulsar es la actualización del sistema.

29 thoughts on “Wannacry : El ransomware que hizo temblar al mundo

  1. cheap viagra online australia
    cheap generic viagra online pharmacy
    online doctor consultation for viagra

  2. Does your website have a contact page? I’m having problems locating
    it but, I’d like to send you an e-mail. I’ve got some suggestions for your blog
    you might be interested in hearing. Either way, great blog and I look forward to seeing it develop over time.

  3. First off I would like to say awesome blog! I had a quick question that I’d
    like to ask if you don’t mind. I was interested to find out how you center yourself and clear your thoughts prior
    to writing. I’ve had trouble clearing my mind in getting my ideas out.
    I do take pleasure in writing but it just seems like
    the first 10 to 15 minutes are usually lost simply just trying to
    figure out how to begin. Any ideas or tips? Cheers!

  4. Hi, I do believe this is an excellent website.
    I stumbledupon it 😉 I’m going to come back once again since I book-marked it.
    Money and freedom is the greatest way to change, may you
    be rich and continue to guide other people.

  5. Awesome blog! Is your theme custom made or did you download it from somewhere?
    A theme like yours with a few simple tweeks would really make my blog shine.
    Please let me know where you got your design. Thanks

  6. Hey there! I know this is somewhat off topic but I was wondering
    which blog platform are you using for this site?
    I’m getting tired of WordPress because I’ve had problems with
    hackers and I’m looking at options for another platform. I would be
    great if you could point me in the direction of a good platform.

  7. Fantastic beat ! I wish to apprentice whilst you amend your website,
    how could i subscribe for a weblog web site?
    The account helped me a applicable deal. I were tiny bit
    familiar of this your broadcast offered vibrant transparent concept

  8. If you desire to get much from this post then you have to apply such methods to your
    won blog.

  9. Thank you, I have just been looking for info approximately this topic for a
    long time and yours is the greatest I’ve found out so far.
    However, what about the bottom line? Are you certain about the
    supply?

  10. I was recommended this website by my cousin. I’m not sure whether
    this post is written by him as no one else know such detailed about my trouble.
    You’re incredible! Thanks!

  11. Highly energetic post, I enjoyed that a lot. Will there be a part 2?

  12. Greetings! Very useful advice in this particular article!
    It is the little changes which will make the largest changes.

    Many thanks for sharing!

  13. how to buy cialis online
    buy cialis
    order cialis mexico

  14. Hurrah, that’s what I was searching for, what a stuff!

    present here at this website, thanks admin of this site.

  15. Hello to every single one, it’s in fact a pleasant for me to visit this web page,
    it includes important Information.

  16. Hello every one, here every person is sharing these know-how, thus it’s fastidious to read
    this blog, and I used to go to see this weblog all the time.

  17. I couldn’t resist commenting. Exceptionally well written!

  18. It’s appropriate time to make some plans for the future
    and it is time to be happy. I have read this post and if I could I want to suggest you
    few interesting things or suggestions. Maybe you can write next articles referring to this article.

    I desire to read more things about it!

  19. Hey I am so thrilled I found your site, I really found you by error, while I was browsing on Yahoo for something else, Anyways I am here now and would just like to say cheers for a remarkable post and a all round
    enjoyable blog (I also love the theme/design), I don’t have time to go through it all
    at the moment but I have book-marked it and also added in your
    RSS feeds, so when I have time I will be back to read more, Please do keep up the awesome
    work.

  20. Good day! Do you know if they make any plugins to assist with SEO?
    I’m trying to get my blog to rank for some targeted keywords but I’m not seeing
    very good success. If you know of any please share. Cheers!

  21. Good day! This post couldn’t be written any better! Reading
    through this post reminds me of my good old room mate! He always kept
    talking about this. I will forward this write-up to him.
    Fairly certain he will have a good read. Many
    thanks for sharing!

  22. I think that what you published made a lot of sense.
    However, what about this? what if you composed a catchier post title?
    I am not saying your information isn’t solid, but suppose you added a post title that grabbed
    people’s attention? I mean Wannacry : El ransomware que hizo
    temblar al mundo – Blog – LionSec is kinda boring.
    You might glance at Yahoo’s front page and watch how they create post headlines to grab people to click.
    You might try adding a video or a pic or two to get people excited about what you’ve written. In my opinion,
    it would make your posts a little livelier.

  23. I am really enjoying the theme/design of your site. Do you ever
    run into any web browser compatibility issues?
    A handful of my blog visitors have complained about my blog not working correctly in Explorer but looks great
    in Safari. Do you have any solutions to help fix this problem?

  24. Howdy just wanted to give you a quick heads up.
    The text in your content seem to be running off the screen in Ie.
    I’m not sure if this is a formatting issue or something to do
    with internet browser compatibility but I
    figured I’d post to let you know. The layout look great though!

    Hope you get the issue solved soon. Kudos

  25. With havin so much content and articles do you ever run into any problems of plagorism or copyright violation? My site has a lot
    of unique content I’ve either created myself or outsourced but
    it seems a lot of it is popping it up all over the web without my agreement.
    Do you know any methods to help stop content from being stolen? I’d really
    appreciate it.

  26. After looking over a few of the blog posts on your web site, I honestly appreciate your technique of blogging.

    I book marked it to my bookmark website list and will be checking back in the near future.
    Please visit my web site as well and let me know your opinion.

  27. Hi there every one, here every person is sharing such familiarity, so it’s pleasant
    to read this blog, and I used to visit this website every day.

  28. After I originally commented I appear to have
    clicked the -Notify me when new comments are added- checkbox and now whenever
    a comment is added I recieve four emails with the exact same comment.
    There has to be a means you can remove me from that service?

    Thank you!

  29. kohls 30 off

    kohls 30 off coupons

Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> 

5 × dos =

*