The Story Behind the WannaCry Heroes

  • Thread starter jedishrfu
  • Start date
10,689
4,247
Two researchers tracking the spread of the WannaCry malware register its command and control server domain and stop WannaCry in its tracks.

The sinkhole that saved the internet
http://flip.it/rEjmXF
 
What got me about this story is that even while these two guys are holding onto the domain there's another entity trying to bring it down via DDOS and then there are yet other friendly entities who provide technical support and equipment to keep it up but the whole effort still relies on these two guys watching the domain server day and night.

Lastly, there's the journalists, driven to get their story, trying to DOX the heroes and in doing so almost scuttling the effort of keeping up the domain server.

And through all that there are still machines infected with the virus ready to encrypt once the domain falls.

I feel there's a real movie potential here. Good guys, bad guys, digital chase scenes ala Wargames and a good guy with a checkered past.

Then after all is said and done the hero gets arrested for things he did in his teen years where he likely honed his hacking skills, skills he needed to fight this worldwide menace.

So epic!
 

anorlunda

I feel there's a real movie potential here. Good guys, bad guys, digital chase scenes ala Wargames and a good guy with a checkered past.
How sad that Mad Magazine is gone. Their Spy Versus Spy column fit this theme perfectly.



The take away lesson is that the Spy Versus Spy struggle never ends.
 
There's a kind of Rugby nature behind this. I get the ball and run a bit before I stumble and drop the ball. Someone takes the ball and continues running while we chase trying to get it back.

In the end the guy with the ball wins or is winning until he/she too drops the ball and someone else picks it.
 

Wrichik Basu

@jedishrfu I am not into too much of these hacking technologies, so can you answer a few questions?

What is meant by "registering the domain"?

And what is the "kill switch"? The article said that botnet Mirai tried to bring down the kill switch by attacking it with excess web traffic. How does this kill switch work?
 
@jedishrfu I am not into too much of these hacking technologies, so can you answer a few questions?

What is meant by "registering the domain"?

And what is the "kill switch"? The article said that botnet Mirai tried to bring down the kill switch by attacking it with excess web traffic. How does this kill switch work?
The virus does an HTTP GET to iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/ and exits if any reply comes back. See https://blog.talosintelligence.com/2017/05/wannacry.html
This might have been done to prevent execution of the worm in a sandbox, which might reply to any domain contacted from within the sandbox. If you register the domain, DNS servers on the internet will give the IP address(es) for your server(s) to any computer that tries to look up the above domain name. If you then make sure there's an HTTP server with that IP address, the virus will get an answer, and exit and not propagate.
 

rbelli1

prevent execution of the worm in a sandbox
Also you can inoculate your own and other friendly networks from the threat.

BoB
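
The kill-switch check described in the replies above also gives defenders a triage signal: any internal host that looks up that domain is worth investigating, and a host whose lookup failed could not have received the reply that makes the worm exit. The following is an added example, not code from the thread or from the linked article; the log layout, the sample lines and the function names are assumptions made for illustration.

```python
# Added example, not from the thread. Log layout and sample lines are constructed.
KILL_SWITCH = "iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com"  # as quoted in the post above

# Assumed layout per line: "<timestamp> <client-ip> <qname> <rcode>"
SAMPLE_LOG = f"""\
2017-05-13T09:14:02Z 10.0.4.17 www.example.org. NOERROR
2017-05-13T09:14:05Z 10.0.4.17 {KILL_SWITCH.upper()}. NOERROR
2017-05-13T09:20:41Z 10.0.4.17 {KILL_SWITCH} NOERROR
2017-05-13T09:15:30Z 10.0.9.80 {KILL_SWITCH}. NXDOMAIN
2017-05-13T09:16:11Z 10.0.7.3 www.{KILL_SWITCH}. SERVFAIL
2017-05-13T09:18:44Z 10.0.7.3 www.{KILL_SWITCH}. NOERROR
2017-05-13T09:19:00Z 10.0.2.2 x{KILL_SWITCH}. NOERROR
truncated line without enough fields
"""

def is_kill_switch(qname):
    """True for the domain or a subdomain of it; ignores case and a trailing dot."""
    name = qname.rstrip(".").lower()
    return name == KILL_SWITCH or name.endswith("." + KILL_SWITCH)

def triage(log_text):
    """Map each client that queried the domain to its lookup outcomes."""
    hosts = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed or truncated lines
        ts, client, qname, rcode = parts
        if not is_kill_switch(qname):
            continue  # unrelated names and look-alikes such as "x<domain>"
        h = hosts.setdefault(client, {"resolved": 0, "failed": 0, "first": ts, "last": ts})
        h["resolved" if rcode.upper() == "NOERROR" else "failed"] += 1
        h["first"], h["last"] = min(h["first"], ts), max(h["last"], ts)
    return hosts

def at_risk(hosts):
    """Clients with at least one failed lookup: no DNS answer means no HTTP reply,
    so the exit condition described in the post could not have been met then."""
    return sorted(c for c, h in hosts.items() if h["failed"] > 0)

if __name__ == "__main__":
    found = triage(SAMPLE_LOG)
    for client, h in sorted(found.items()):
        print(client, h)
    print("prioritise:", at_risk(found))
```

A successful DNS answer is necessary but not sufficient here, since the post describes the exit condition as a reply to the HTTP GET, so hosts in the "resolved" column still need checking.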
 
