How a $10.69 purchase may have sidelined the global malware attack

  • 05/24/2017
  • Press Corp
LONDON — As the world began Friday to understand the dimensions of Wanna Decryptor 2.0, the ransomware that has crippled computers worldwide, a vacationing British cybersecurity researcher was already several steps ahead.

About 3 p.m. Eastern time, the specialist with U.S. cybersecurity enterprise Kryptos Logic bought an unusually long and nonsensical domain name ending with “gwea.com.” The 22-year-old says he paid $10.69, but his purchase might have saved companies and governmental institutions around the world billions of dollars.

By purchasing the domain name and registering a website, the cybersecurity researcher claims that he activated a kill switch. It immediately slowed the spread of the malware and could ultimately stop its current version, cybersecurity experts said Saturday. Britain's National Cyber Security Center confirmed Saturday that it was collaborating with the 22-year-old and other private researchers to stop the malware from spreading.

Hidden in the malware, the kill switch probably was not supposed to be activated anytime soon. Perhaps it was never supposed to be there in the first place.

Read more at The Washington Post