back to article China staggering under WannaCrypt outbreak

If reports from China are accurate, the country's often-bootlegged and under-patched Windows installations are being hit hard by the WannaCrypt ransom-worm. While the rest of the world seems to be enjoying some respite from the attacks, after researchers found and activated a kill switch in the original code, Xinhua reported …

  1. Anonymous Coward
    Anonymous Coward

    Kill switch

    Blocked by the great firewall?

    1. Voland's right hand Silver badge

      Re: Kill switch

      More likely new "kill-switch-less" versions resulting in an ELE of Windows XP.

      Chinese installs are under-patched because you can get security updates only via Windows Update nowdays. That does not quite work for 95%+ of the XP population over there is installed using one of the stolen product keys which Microsoft has a blacklist on.

      One thing for sure - this is going to drastically decrease the number of bootleg XPs still remaining. It will be impossible to attach one of this to a network. While before they just got infected, but still worked, now they will get b0rked within 5-7 minutes after being attached to a network. The fact that MSFT has provided patches will not help - pirated installs cannot get to them.

  2. Ole Juul

    It's cash for gas now.

    From what I read in the South China Morning Post, 20,000 gas stations went off line and will only take cash right now. The China National Petroleum Corporation is apparently running a customised version of XP.

    1. Anonymous Coward
      Anonymous Coward

      Re: Yay

      And thus the idea of "cashless society" was discredited forever.

      1. Anonymous Coward
        Anonymous Coward

        Re: Yay

        Ironically they and all government backed entities (such as highway toll booths) are still holding out on adopting cashless payment methods.

    2. Anonymous Coward
      Anonymous Coward

      "running a customised version of XP"

      or stolen in more plain language

  3. Yet Another Anonymous coward Silver badge

    Nervous criminals

    They have annoyed/embarrassed the Russian and Chinese governments

    Bitcoin isn't as anonymous as you might assume, especially if you are spending large amounts of it.

    Certain country's security forces aren't overly concerned about collateral damage

    1. Michael Hoffmann

      Re: Nervous criminals

      Heh, precisely what I was thinking.

      And now apparently, there's pointers fingering the Norks based on code fingerprint similarities with prior attacks/scam against the Bangladesh bank recently. For whatever that's worth.

      China would NOT be happy with the His Chubbiness the Dear Leader, not at all, precious.

      1. wolfetone Silver badge

        Re: Nervous criminals

        "And now apparently, there's pointers fingering the Norks based on code fingerprint similarities with prior attacks/scam against the Bangladesh bank recently. For whatever that's worth."

        Let's be frank, the NSA started this. So it's their fault.

        1. Anonymous Coward
          Anonymous Coward

          Re: Nervous criminals

          Without doubt, the NSA bears some responsibility for the breathtaking failure of security that allowed their hoard of penetration tools to be stolen. What disappoints me is that in two days I've not read a single line about the culpability of The Shadow Brokers. Presumably, they released the remainder of their purloined Equation Group kit to protest Trump policies. It is wholly unsurprising that it was not Trump who was the target of the cybercrims that gleefully snatched up the exploits; we were.

          Agree with their politics or no, The Shadow Brokers are no heroic Elliot Alderson-type figures. They deserve a healthy slice of blame for the damage their political protest has wrought.

        2. Robert Helpmann??

          Re: Nervous criminals

          ...the NSA started this. So it's their fault.

          "He started it" was shot down as a viable argument in my life around grade 3. There's plenty of fault to be spread around on this one. The people who found the exploit and wrote the tools to use them, the people who stole the tools and released them into the wild, the people who implemented this campaign, the people running un-patched and unprotected machines, the people who wrote the OS with all the vulnerabilities and didn't get them patched quickly enough when said vulnerabilities were exposed... I am sure I am missing someone, but blame doesn't help at this point. It may help after it has been determined who pulled the trigger. I am more interested in what can be done to prevent crap like this from happening in the future and I don't hear that being discussed much.

      2. handleoclast
        Black Helicopters

        Re: Nervous criminals

        To summarize:

        1) China and Russia got hit hard.

        2) China and Russia play hard ball.

        3) Fingerprints point at the Norks.

        Which got me thinking. What if somebody was upset with the Norks but couldn't deal with them as he'd like to because it would upset the Chinese? Releasing something like WannaCry with Nork fingerprints on it would solve his problems. The Chinese wouldn't object to fatty-boy getting assassinated because they'd be the ones doing the assassinating.

        The Trump just isn't smart enough to come up with a plan like that. But the CIA are.

        1. Anonymous Coward
          Anonymous Coward

          Re: Nervous criminals

          @ handleoclast not "smart enough" more like "stupid enough".

          The attack is too obvious even for the CIA so it is more likely that it is some other cackhanded group.

          Examining who gains from punishment of pirated XP in these countries and is pompously benighted enough to imagine the bovine excrement flavour breadcrumbs would be swallowed without anyone choking does offer some suggestions.

    2. Anonymous Coward
      Anonymous Coward

      Re: Nervous criminals

      Knock, knock.

      Tap. tap.

    3. Anonymous Coward
      Anonymous Coward

      Re: Nervous criminals

      true that.. although last I saw, there was an estimate of only $50,000 total in ransom paid for WannaCrypt.

      1. CentralCoasty
        Black Helicopters

        Re: Nervous criminals

        Does make you wonder that perhaps it was cover for something else.... or a warm up for something else....

      2. GloomyTrousers

        Re: Nervous criminals

        Up to $64k now. See

        Still, for the time it took to write, the risk, and the fact that they don't dare actually extract the cash, the miscreants aren't gonna see a very good ROI :-)

    4. Mike Moyle

      Re: Nervous criminals

      A security guy was quoted on National Public Radio this morning with what may be the understatement of the week; that, generally, these types of jobbers will try to avoid infecting countries where they live or hope to get their Bitcoins extracted through. These bozos apparently didn't think that part through and, "if the perpetrators live in one of the countries that have been hit hardest -- say, Russia -- that would be an incredibly bad life choice."

  4. John Smith 19 Gold badge

    China, always got to be bigger than everyone else.

    I think the Russian Federation is still ahead with at least 70 000 infections.

    As for those responsible.

    Probably time to start wearing a money belt and checking that fake ID you bought is really solid and ready to use.

    Coat because you don't know when you may have to go out the (back) door in a hurry.

  5. Anonymous South African Coward Silver badge

    I think this runaway infection exceeded all expectations - and then some.

    We will still be feeling the aftereffects months later.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021