Blogger MalwareTech, who managed to suspend a massive infection of computers with a virus-extortioner WannaCry using the domain iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea. Com, reported on Twitter about an attempt by unknown people to establish control over the domain. - MalwareTech (@MalwareTechBlog) May 14, 2017, 13:10 "I received this letter last night. It seems that someone from China tried to steal the domain, "- wrote the programmer. Kaspersky Lab's cyber security specialist Costin Raiu commented on MalwareTech. In a conversation with The Independent, he suggested that the person attempting to seize the deactivator pursued one of two purposes: to suspend the activity of the deactivator domain or simply to find out the number of victims affected by the virus. "However, the operation broke down," Raiu said.. At the same time, the unknown are unlikely to be the creators of the WannaCry virus, the expert noted.. The fact is that the authors of WanaCrypt0r 2. 0 could easily create its new version without a vulnerability (kill switch), which allows the domain owner iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea. Com stop the distribution of the program. A few hours earlier Raiu reported on Twitter that the ability to neutralize the virus through a domain with a meaningless name is present in all known versions of WannaCry. - Costin Raiu (@craiu) May 14, 2017, 11:33 On May 13 it was reported that the spread of the extortion virus was managed to be suspended accidentally. At the same time, programmers warned that if hackers change the code, malware will start working again. The extortion virus WanaCrypt0r 2.

0 (aka WannaCry), which encrypts information and requires payment of a ransom, began to actively spread on May 12. Then it was reported that he infected tens of thousands of computers in 74 states of the world. Experts called this attack the most mass in history. On May 14, the director of Europol, Rob Wainwright, said that the number of victims of the virus could increase significantly in the morning of May 15 due to the beginning of the working week.

Original article: Unknown attempted to seize the deactivator of the extortion virus WannaCry.