HackRead
Uiwix, yet another ransomware like WannaCry – only more dangerous

May 15th, 2017 | Jahanzaib Hassan | Security, Cyber Attacks, Cyber Crime, Malware

Over the last few days, the internet has been caught off guard, with numerous updates posted about the sprawling effects of the WannaCry ransomware, which exploited vulnerabilities in Microsoft’s Windows operating system to hack more than 75,000 computers and counting last Friday.

Nevertheless, it seems the worst is yet to come. According to a recent report by Heimdal Security, another ransomware, going by the name of Uiwix, has emerged and is exploiting the vulnerabilities found in Windows SMB v1 and SMB v2.

Is Uiwix similar to WannaCry?

Experts say that they have found traces of WannaCry in Uiwix. However, this does not mean that the two are one and the same. Unfortunately, unlike WannaCry, Uiwix cannot be stopped from spreading just by registering a domain.

#WannaCry #ransomware: Researcher halts its spread by registering domain for $10.69 | https://t.co/rEVlQBECkI #WannaCrypt0r #Security pic.twitter.com/6xdquDXUgQ

— HackRead.com (@HackRead) May 13, 2017

Previously, security experts were able to restrain the spread of WannaCry and its variant by registering the domain through which the ransomware was spreading. With Uiwix, however, this does not seem to be an option. Hence, it is safe to say that Uiwix is far more dangerous than WannaCry.

Researcher Finds Kill Switch for the new variant of #WannaCry Ransomware | https://t.co/EM3BLtQPUh #Security #Ransomware #WannaCrypt0r pic.twitter.com/WmR6xWXlYW

— HackRead.com (@HackRead) May 14, 2017

How does it work?

Uiwix works just like WannaCry: it hijacks a user’s system altogether and prevents access to it until the user has paid the demanded amount of money. The payment is demanded in bitcoins and, at the current exchange rate, is equivalent to USD 218.

Uiwix ransomware note

How to fix the problem?

Since Uiwix cannot be stopped like WannaCry, the only way to contain the virus is to fix the vulnerability that appears to be present in Windows.

  • “Attackers are easily able to exploit these vulnerabilities in a network if it’s enabled because, even when the system uses SMB v2 or v3, if the attacker can downgrade the communication to SMB v1, he can exploit the system. This is where the man-in-the-middle attack of a Windows SMB v1-enabled system can become an issue, even if it’s not being used,” said Andra Zaharia of Heimdal Security.
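Since the point above is that SMB v1 is a risk whenever it is enabled, even if nothing uses it, here is an added PowerShell audit (not part of the original article or of Heimdal Security's report) that reports whether a host still offers SMB v1 and can switch it off. It assumes Windows 8 / Server 2012 or later, where the SMB cmdlets exist; the `-Remediate` switch and the report field names are this example's own.

```powershell
# Added example (not from the article): audit SMBv1 exposure on a Windows host.
# Run from an elevated PowerShell prompt. Read-only unless -Remediate is given.
param([switch]$Remediate)

# Server side: will this host accept SMBv1 sessions, and does it insist on signing?
$server = Get-SmbServerConfiguration

# Optional feature that carries the SMBv1 client and server (newer Windows builds).
$feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -ErrorAction SilentlyContinue

# Client side: Start = 4 means the SMBv1 client driver (mrxsmb10) is disabled.
$drvKey   = 'HKLM:\SYSTEM\CurrentControlSet\Services\mrxsmb10'
$drvStart = (Get-ItemProperty -Path $drvKey -Name Start -ErrorAction SilentlyContinue).Start

$report = [pscustomobject]@{
    ComputerName          = $env:COMPUTERNAME
    ServerSmb1Enabled     = [bool]$server.EnableSMB1Protocol
    ServerRequiresSigning = [bool]$server.RequireSecuritySignature
    Smb1FeatureState      = if ($feature) { "$($feature.State)" } else { 'NotPresent' }
    ClientSmb1DriverLive  = ($null -ne $drvStart -and $drvStart -ne 4)
}
$report | Format-List

# Any one of these means an SMBv1 session can still be negotiated with this host.
$exposed = $report.ServerSmb1Enabled -or $report.ClientSmb1DriverLive -or
           $report.Smb1FeatureState -eq 'Enabled'
if (-not $exposed) { Write-Output 'SMBv1 is off on this host.'; return }
Write-Warning 'SMBv1 is still available, so a session can be downgraded to it even if nothing uses it.'

if ($Remediate) {
    # Stop serving SMBv1 immediately.
    Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
    if ($feature -and $feature.State -eq 'Enabled') {
        # Removes both the SMBv1 client and server components.
        Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart | Out-Null
    } elseif ($report.ClientSmb1DriverLive) {
        # Older builds without the optional feature: disable the client driver directly.
        sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi | Out-Null
        sc.exe config mrxsmb10 start= disabled | Out-Null
    }
    Write-Output 'SMBv1 disabled; reboot to complete the change.'
}
```

`ServerRequiresSigning` is reported because the quoted scenario is a man-in-the-middle one; the script only reads that setting and does not change it.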

How did Uiwix originate?

It is quite surprising to see two similar ransomware strains exploiting the same vulnerability appear so quickly, one after the other. The only explanation is that the vulnerabilities in Windows software have not been fixed yet.

What is more surprising, though, is that security experts had raised the issue of these vulnerabilities in the past and the relevant companies had taken no action. Perhaps this is because fixing the vulnerability calls for the relevant companies to collaborate extensively and share resources to remove the flaw. Up till now, no such collaboration has been seen.

Prevention is better than cure

Given that the virus cannot be stopped as of now, the only way to protect yourself is to take precautions to avoid trouble in the future. Experts warn that connecting your PC to a public WiFi spot and then initiating a VPN connection can spread the virus more severely. Hence, this is to be avoided at all costs.

Also, follow the below-mentioned steps:

  1. Do not open an unknown email
  2. Do not download files from an unknown email
  3. Do not click files from an unknown email
  4. Avoid visiting malicious sites
  5. Do not download software and apps from a third-party store/website
  6. Show hidden file extensions
  7. Keep your system updated
  8. Make sure you are using a reputable security suite
  9. Back up your data
  10. Use System Restore to get back to a known-clean state

The best defense against ransomware attacks is keeping a backup of your data. Apart from that, it is advised that users keep their systems updated with the latest security fixes released by Microsoft.

Note:

This article has been updated after a discussion with Heimdal Security due to uncertainty surrounding the number of victims Uiwix has affected. As of now, the total number of victims is still unknown. More to follow.


HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.