Researcher finds 'kill switch'
A cybersecurity researcher appears to have discovered a "kill switch" that can prevent the spread of the WannaCry ransomware -- for now -- that has caused the cyberattacks wreaking havoc globally, they told AFP Saturday.
The researcher, tweeting as @MalwareTechBlog, said the discovery was accidental, but that registering a domain name used by the malware stops it from spreading.
For all latest news, follow The Daily Star's Google News channel. "Essentially they relied on a domain not being registered and by registering it, we stopped their malware spreading," @MalwareTechBlog told AFP in a private message on Twitter.
The researcher warned however that people "need to update their systems ASAP" to avoid attack.
"The crisis isn't over, they can always change the code and try again," @MalwareTechBlog said.
Friday's wave of cyberattacks, which affected more than 100 countries, apparently exploited a flaw exposed in documents leaked from the US National Security Agency.
The attacks used a technique known as ransomware that locks users' files unless they pay the attackers a designated sum in the virtual currency Bitcoin.
Affected by the onslaught were computer networks at hospitals in Britain, Russia's interior ministry, the Spanish telecom giant Telefonica and the US delivery firm FedEx and many other organisations.
"I will confess that I was unaware registering the domain would stop the malware until after I registered it, so initially it was accidental," @MalwareTechBlog tweeted.
Unfortunately however, computers already affected will not be helped by the solution.
"So long as the domain isn't revoked, this particular strain will no longer cause harm, but patch your systems ASAP as they will try again."
The malware's name is WCry, but analysts were also using variants such as WannaCry.
Comments