Cybersecurity

WannaCry still lies dormant on thousands of computers

Why it matters: Even after 18 months, WannaCry still poses a significant threat to businesses worldwide. According to Kryptos Logic, over half a million computers are still infected. The ransomware has been mostly eradicated in the United States and United Kingdom, but remains a widespread problem in other parts of the world.

It has been a year and a half since the initial WannaCry ransomware outbreak, and the malware still poses a threat to thousands of computers. Recent data shows that hundreds of thousands of computers are still infected with the malicious software even though it is currently dormant.

The malware is inactive thanks to security researcher Marcus Hutchins at Kryptos Logic. Bleeping Computer notes that Hutchins found a bit of code in the ransomware that referenced an odd domain. The domain was unregistered, so he registered it only to discover that he had activated a kill switch.

WannaCry periodically pings this address. As long as the sinkholed domain is up and running the software will not encrypt files. If it were to go down, then the malware would kick in and begin causing trouble.