Categories: NewsTechnology

WannaCry Clone Marks the Fourth Major Ransomware Attack Against the Ukraine in two Months

While most people have all but forgotten about the WannaCry ransomware attack, residents of the Ukraine are dealing with a clone of this destructive malware. More specifically, it is one of the many ransomware campaigns targeting Ukraine specifically, which is quite problematic. This new clone does not have an official name yet, but it shows clear similarities to WannaCry.

Ukraine is a big Target for Ransomware Attacks

It is unclear why we currently have so many malware campaigns targeting Ukrainian consumers and corporations. Four different distribution campaigns have been discovered so far, although it is possible that number will continue to increase over the coming months. More specifically, the latest distribution campaign spreads a clone of the infamous

WannaCry ransomware
to as many people as possible. That is quite a problematic development, to say the least.

So far, several samples of this unnamed malware have been submitted to VirusTotal. A preliminary analysis shows it is flagged as a WannaCry clone, although no one knows for sure who is behind this particular malware strain. It does appear the malware has been in circulation since Monday, which makes it a precursor to the recent NotPetya global cyber warfare attack.

Security researchers have uncovered one particular aspect of this WannaCry clone, though. It appears the ransomware component can be found in a program directory on the hard drive which is specific to the M.E.Doc IS-pro software. More specifically, this particular software is a very popular accounting tool in the Ukraine. It is not the first time the program’s update servers have been used to launch malware attacks this year. This seems to hint at how someone has successfully hijacked the update server for malicious purposes.

Related Post

The company responsible for developing this accounting software denies any allegations of hosting trojanized versions of its app. That is quite interesting, considering multiple security research companies have confirmed the ransomware attack is originating from their servers. An official investigation is underway to get to the bottom of this problem and make sure no further attacks can be linked to the company.

It is evident this new ransomware is designed to look like WannaCry, even though it offers nothing spectacular. It is a visual clone, but that is where the similarities end. Under the hood, it is a very different type of malware, considering it is coded in .NET rather than C. It also doesn’t use an NSA exploit to spread itself, which makes it less of a threat to the entire world. It is evident a lot of ransomware developers want to ride the coattails of popular malware types.

The bigger question is why someone is deliberately targeting the Ukraine with so many ransomware attacks right now. It is almost as if someone has an actual grudge against the entire country, for some unknown reason. Four different ransomware attacks against one country in the span of just a few months is very problematic, to say the least. It is certainly possible this is all part of a larger cyber warfare threat which remains shrouded in mystery for the time being.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Cheems Surge On BSC Network: A Rising Star With Growing Market Value

The Cheems token on the Binance Smart Chain (BSC) is gaining significant momentum, surging by…

19 mins ago

Lester Token Crashes 40% Following Official Announcement

The value of $LESTER plummeted by 40% in the past 24 hours, leaving its market…

22 mins ago

From $30K To Millions: The Wild Journey Of $Quant And Xiaohaige’s Memecoin Stunts

In a bizarre turn of events, a young live-streamer known as Xiaohaige created the memecoin…

27 mins ago

Whale “convexcuck.eth” Makes Bold $CVX Move, Nets Significant Profit Amid Price Surge

The crypto whale known as "convexcuck.eth" has made waves in the DeFi world, spending $2…

31 mins ago

$ELIZA Token Launch Marred By Insider Trading Allegations

The launch of $ELIZA, a token introduced by Andreessen Horowitz (a16z) partner @shawmakesmagic, has sparked…

40 mins ago

Cardano’s Rally Highlights Diverging Moves Among Investors

Cardano ($ADA) has been making waves in the crypto market, breaking away from the altcoin…

43 mins ago