Well, the cyber attack against the NHS has certainly caused a storm of protest. We are told to expect a second wave of attacks on Monday. So how did researchers manage to stop this attack so quickly? The answer is that the coders made some very simple errors. They hardcoded a kill switch, which UK researchers registered and triggered.
Here’s the code:
Step 1 – Hit the kill switch – if there is one
MalwareTech requested the domain that acts as a kill switch.
This stops the infection of new devices.
Step 2 – Look for unregistered malware control server domains – as a procedure
Now one thing that’s important to note is the actual registration of the domain was not on a whim. My job is to look for ways we can track and potentially stop botnets (and other kinds of malware), so I’m always on the lookout to pick…