After more than a year of seeming to be dormant, a new twist on the WannaCry hack has emerged, mainly hitting computers in the United Kingdom. The infection has already become such an issue that London’s Action Fraud unit has issued an alert about the resurgence. In just two days, the police unit received close to 300 reports of computer users being blackmailed by the hackers. But this attack may not be what it at first appears to be.
What separates this from the previous hack is that it is actually an empty threat. The previous hack encrypted the files and blocked user’s access to their computer. The current slate of emails are just phishing expeditions. They are emails supposedly from the WannaCry hackers that are meant to scare users into jumping the gun and giving in to the demands without realizing their computers aren’t really infected. However, many people are “erring on the side of caution” and paying the ransom even though they don’t need to.
The previous WannaCry outbreak from May of 2017 would infect the victim’s computer; then the user would receive an email claiming that their files have been hacked and encrypted with the virus. A ransom was required, usually paid in BitCoins, for the files to be unencrypted.
Last May, over 200,000 computers spanning more than 150 countries were infected. Some affected computers belonged to hospitals and healthcare services such as the National Health Services in England and Scotland. Computers could not be booted up, and many pieces of equipment, including MRI scanners and blood storage units were temporarily shut down, affecting the health care of almost 7,000 patients. Overall, hackers were paid approximately $150,000 in BitCoins to return access to the infected computers and files.
The emails in this new attack claim that the computer’s files will be deleted on a specified date if the ransom is not paid. There is no evidence that this supposed infection will do this, however. The London Action Unit have also pointed out similar emails from the “WannaCry-Hack-team” with the subject heading “!!Warning Wannacrypt!!!” In fact, this is the second overall slate of such phishing tactics trying to cash in on the notoriety of the WannaCry hack.
Emails claiming that a user’s computer has been hacked can sometimes be just spam, with the goal of tricking email recipients into giving up sensitive information. As always, users should be suspicious of emails from unknown persons and steer clear of opening anything that is not sent from a known user. In addition, if an email from a user is sent with an odd link or claims that “you’re infected,” then these should be referred to IT professionals for immediate review.