WannaCrypt Ransomware Spreads Like A Worm Via NSA Exploit
UPDATE (May 14): WannaCrypt/WannaCry is still being delivered through file sharing services over https at hxxps://transfer.sh and hxxps://down.xn--wda.fr/
The WannaCrypt ransomware (aka WannaCryptor, Wcrypt, and WannaCry) has managed to infect thousands of systems within just a few hours of its first appearance yesterday, with estimates on the order of 100,000 PC infections in 100 countries. There are reports of disruption at the likes of British National Health Service medical centers, German Railway ticket computers, FedEx and Telefonica, which apparently ordered employees to disconnect their computers from the corporate network in an attempt to stymie the spread of WannaCrypt. The ransomware encrypts files found on the system and initially demands ransom payment of $300 delivered in Bitcoin to a specific address, with the payment demand amount reportedly escalating over time.