Nevertheless, it seems the worst is yet to come. According to a recent report by Heimdal Security, another ransomware, going by the name of Uiwix, has emerged that exploits the vulnerabilities found in Windows SMB v1 and SMB v2.
Is Uiwix similar to WannaCry?
Experts say that they have found traces of WannaCry in Uiwix. However, this does not mean that the two are one and the same. Unfortunately, unlike WannaCry, Uiwix cannot be stopped from spreading just by registering a domain.
Previously, security experts were able to restrain the spread of WannaCry and its variant by registering the domain through which the ransomware was spreading. With Uiwix, this does not seem to be an option. Hence, it is safe to say that Uiwix is far more dangerous than WannaCry.
How does it work?
Uiwix works just like WannaCry: it hijacks a user's system altogether and prevents access to it until the user has paid the demanded amount of money. The payment is demanded in bitcoins, and at the current exchange rate the amount demanded is equivalent to USD 218.
How to fix the problem?
Since Uiwix cannot be stopped like WannaCry, the only way to contain the virus is to fix the vulnerability that appears to be present in Windows.
How many victims?
The most recent report, which is by Europol, confirms that the ransomware has affected more than 200,000 users in around 150 countries. As can be seen, the number of victims is enough to indicate the power of Uiwix as compared to WannaCry, whose effect initially spanned 99 countries.
How did Uiwix initiate?
It is quite surprising to see two similar ransomware strains exploiting the same vulnerability appear in such quick succession. The only explanation is that the vulnerabilities in Windows software have not been fixed yet.
What is more surprising, though, is that security experts had raised the issue of these vulnerabilities in the past and the relevant companies had taken no action. Perhaps this is because fixing the vulnerability calls for the relevant companies to collaborate extensively and share resources to remove the flaw. Until now, no such collaboration has been seen.
Prevention is better than cure
Given that the virus cannot be stopped as of now, the only way to protect yourself is to take preventive precautions to avoid trouble in the future. Experts warn that connecting your PC to a public WiFi spot and then initiating a VPN connection can spread the virus more severely. Hence, this is to be avoided at all costs.
Also, follow the steps below:
- Do not open an unknown email
- Do not download files from an unknown email
- Do not click files from an unknown email
- Avoid visiting malicious sites
- Do not download software and apps from a third-party store/website
- Show hidden file extensions
- Keep your system updated
- Make sure you are using a reputable security suite
- Back up your data
- Use System Restore to get back to a known-clean state
The best defense against ransomware attacks is keeping a backup of your data. Apart from that, it is advised that users keep their systems updated with the latest security fixes released by Microsoft.
Source: http://hackread.com/