The Story Behind the WannaCry Heroes

  • Thread starter: jedishrfu

Discussion Overview

The discussion centers around the actions of two researchers who registered the command and control server domain of the WannaCry malware, effectively halting its spread. Participants explore the implications of this event, including the challenges faced by the researchers, the involvement of other entities, and the narrative potential of the story.

Discussion Character

  • Exploratory
  • Conceptual clarification
  • Debate/contested

Main Points Raised

  • Some participants highlight the collaborative effort required to maintain the domain server, noting the threats from other entities attempting to disrupt it.
  • There is a suggestion that the story has cinematic potential, with themes of good versus evil and personal redemption.
  • One participant draws an analogy to rugby, describing the ongoing struggle to maintain control over the situation as akin to players passing a ball.
  • Questions are raised about technical aspects such as "registering the domain" and the concept of a "kill switch," with some participants seeking clarification on these terms.
  • Technical explanations are provided regarding how the virus interacts with the registered domain and the implications for preventing its execution in certain environments.

Areas of Agreement / Disagreement

Participants express a mix of fascination and curiosity about the events surrounding WannaCry, but there is no consensus on the narrative or technical aspects discussed. Multiple viewpoints and interpretations are present, particularly regarding the implications of the researchers' actions and the technical details of the malware.

Contextual Notes

Some technical claims about the virus's behavior and the functioning of the kill switch remain unresolved, with participants providing varying levels of understanding and detail.

Who May Find This Useful

Readers interested in cybersecurity, malware analysis, and the narrative potential of real-world hacking events may find this discussion engaging.

Two researchers tracking the spread of the WannaCry malware register its command and control server domain and stop WannaCry in its tracks.

The sinkhole that saved the internet
http://flip.it/rEjmXF
 
Fascinating. Thanks for posting.
 
What got me about this story is that even while these two guys are holding onto the domain there's another entity trying to bring it down via DDOS and then there are yet other friendly entities who provide technical support and equipment to keep it up but the whole effort still relies on these two guys watching the domain server day and night.

Lastly, there are the journalists, driven to get their story, trying to DOX the heroes and in doing so almost scuttling the effort of keeping up the domain server.

And through all that there are still machines infected with the virus ready to encrypt once the domain falls.

I feel there's a real movie potential here. Good guys, bad guys, digital chase scenes ala Wargames and a good guy with a checkered past.

Then after all is said and done the hero gets arrested for things he did in his teen years where he likely honed his hacking skills, skills he needed to fight this worldwide menace.

So epic!
 
jedishrfu said:
I feel there's a real movie potential here. Good guys, bad guys, digital chase scenes ala Wargames and a good guy with a checkered past.
How sad that Mad Magazine is gone. Their Spy Versus Spy column fit this theme perfectly.

The take away lesson is that the Spy Versus Spy struggle never ends.
 
There's a kind of Rugby nature behind this. I get the ball and run a bit before I stumble and drop the ball. Someone takes the ball and continues running while we chase trying to get it back.

In the end the guy with the ball wins or is winning until he/she too drops the ball and someone else picks it.
 
@jedishrfu I am not into too much of these hacking technologies, so can you answer a few questions?

What is meant by "registering the domain"?

And what is the "kill switch"? The article said that botnet Mirai tried to bring down the kill switch by attacking it with excess web traffic. How does this kill switch work?
 
Wrichik Basu said:
@jedishrfu I am not into too much of these hacking technologies, so can you answer a few questions?

What is meant by "registering the domain"?

And what is the "kill switch"? The article said that botnet Mirai tried to bring down the kill switch by attacking it with excess web traffic. How does this kill switch work?
The virus does an HTTP GET to iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/ and exits if any reply comes back. See https://blog.talosintelligence.com/2017/05/wannacry.html
This might have been done to prevent execution of the worm in a sandbox, which might reply to any domain contacted from within the sandbox. If you register the domain, DNS servers on the internet will give the IP address(es) for your server(s) to any computer that tries to look up the above domain name. If you then make sure there's an HTTP server with that IP address, the virus will get an answer, and exit and not propagate.
 
willem2 said:
prevent execution of the worm in a sandbox

Also you can inoculate your own and other friendly networks from the threat.

BoB
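A defender-side illustration of the kill-switch lookup described in the posts above, added here as an example and not part of the original thread: any host that looks up the domain has run the worm's check, so resolver logs point to machines that need investigation. The key=value log format, the field names and the sample lines are constructed assumptions.

```python
import re
from collections import defaultdict

# Kill-switch domain as quoted in the thread above.
KILL_SWITCH = "iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com"

# Constructed sample lines in an assumed key=value resolver log format.
SAMPLE_LOG = """\
2017-05-12T15:04:11Z client=10.0.4.17 query=iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com. type=A rcode=NXDOMAIN
2017-05-12T15:04:12Z client=10.0.4.23 query=example.org. type=A rcode=NOERROR
2017-05-12T15:09:40Z client=10.0.4.17 query=IUQERFSODP9IFJAPOSDFJHGOSURIJFAEWRWERGWEA.COM. type=A rcode=NOERROR
2017-05-12T15:10:02Z client=10.0.7.5 query=www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com. type=A rcode=NOERROR
2017-05-12T15:11:30Z client=10.0.9.9 query=notiuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com. type=A rcode=NXDOMAIN
malformed line without fields
"""

LINE_RE = re.compile(r"^(\S+) client=(\S+) query=(\S+) type=(\S+) rcode=(\S+)$")


def is_kill_switch(name):
    """True for the domain itself or a subdomain; ignores case and trailing dot."""
    name = name.rstrip(".").lower()
    return name == KILL_SWITCH or name.endswith("." + KILL_SWITCH)


def triage(log_text):
    """Map each client that looked up the kill-switch domain to a status."""
    rcodes = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m and is_kill_switch(m.group(3)):
            rcodes[m.group(2)].append(m.group(5).upper())
    report = {}
    for client, seen in rcodes.items():
        # A failed lookup means the check got no reply at least once, so the
        # worm may have continued on that host. A resolved lookup only shows
        # DNS answered; whether an HTTP server replied is not in these logs.
        failed = any(rc != "NOERROR" for rc in seen)
        report[client] = "lookup-failed" if failed else "resolved"
    return report


if __name__ == "__main__":
    for client, status in sorted(triage(SAMPLE_LOG).items()):
        print(client, status)
```

Every client in the report has executed the check and should be treated as infected; the status only ranks urgency, with "lookup-failed" hosts first.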
 