THE HAGUE - An investigator of the MalwareTech blog has discovered how the infection of computers and the spread of the ransomware WannaCrypt goes into its work and how it can be stopped. The hostage software connected to a domain name that was not found to be registered. The researcher has registered the domain name. If infected machines get in touch, the domain name now acts as 'kill switch', an 'emergency brake' that stops the infection.
Since Friday, tens of thousands of computers have been hit by the ransomware around the world. The malicious software encrypts files and unlocks them again for payment.
See also: Deutsche Bahn also victim of ransomware
Windows 7 users should update their system as soon as possible to protect the computer against a ransomware attack. Criminals have been trying to penetrate computers across the world since Friday through WannaCrypt, also called WannaCry. Microsoft has a 'patch' available, also for unsupported versions of Windows, reports the National Cyber Security Center.