A new ransomware outbreak is spreading very quickly

Security researchers are warning of a ransomware outbreak that is spreading around the globe. Hospitals in the UK have been hit particularly hard, with reports of entire wards being shut down, patients being turned away, and staff sent home, Forbes reports.

The ransomware appears to be one of several tools belonging to the National Security Agency (NSA) that a hacking group known as The Shadow Brokers has been leaking to the web over the past several months. According to an Arstechnica report last month, The Shadow Brokers leaked around a gigabyte worth of weaponized software exploits, including one that targeted most versions of Windows.

This particular ransomware is called WCry. It's also been called several other names, including WannaCry, WannaCryptor, WannaCrypt, and Wana Decryptor. They're all the same and reference version 2.0 of WCry, BleepingComputer reports.

Twitter via MalwareHunterTeam. Click for original.

Twitter via MalwareHunterTeam. Click for original. (Image credit: MalwareHunterTeam)

As the day has gone on, WCry has spread to the U.K. and other parts of the world. Earlier in the day a researcher for Kaspersky Lab noted 45,000 attacks in 74 countries, and said that WCry's list of victims was "growing fast."

There is a live map at MalwareTech that shows WCry spreading to victims in real time. According to Avast security researcher Jakub Kroustek, WCry has claimed over 57,000 PCs in just a few hours, some of the first of which were Spanish companies, such as utility outfits Telefonica, Gas Natural, and Iberdrola.

Forbes says victims have been asked to cough up $300 to remove the infection and decrypt their files. Otherwise, their data remains encrypted and inaccessible. On top of that, victims are being told that after 7 days, their files will be lost forever if the ransom is not paid.

The ransomware is said to have initially spread through spam containing fake invoices, job offers, and other attempts aimed at random email addresses. However, it's also been able to spread through the worm-like EternalBlue exploit.

Paul Lilly

Paul has been playing PC games and raking his knuckles on computer hardware since the Commodore 64. He does not have any tattoos, but thinks it would be cool to get one that reads LOAD"*",8,1. In his off time, he rides motorcycles and wrestles alligators (only one of those is true).