Over just four days in May, the WannaCry ransomware spread across the globe and infected hundreds of thousands of computers, encrypting files and leading to demands for payment to release the data. Brazilian government departments were not immune, and nor was the country’s biggest privately owned lender, Itaú Unibanco.
Even after a solution was found to halt the spread of the main form of the ransomware (a ‘kill-switch’), the virus had mutated and continued spreading. It was discovered that during execution the malware searched for an internet address and, when unable to find it, continued the attack. By registering that domain, the attack stopped. Variations of the virus did not have that feature.
