WannaSmile

Latest Software, Security

A temporary fix for the WannaCry ransomware, which stops SMB and adds the known kill-switch domains to the hosts file in Windows.

  • WannaSmile
  • Version :1.0.0
  • License :Trial
  • OS :Windows All
  • Publisher :Indrajeet Bhuyan

Download Now

WannaSmile Description

The WannaCry epidemic started on 12 May 2017, creating what was called the “cyber-apocalipse”. The ransomware virus spread fast around the world, mostly affecting PCs with operating system versions that are no longer supported, such as Windows XP, 2003, or Vista.

With an impressive number of infections (over 300,000 individual computers worldwide in just 48 hours) and financial loss for more than 10,000 companies that were touched by the malware, security researchers have tried to track it and at least slow it down, if not stop it.

With a name that speaks for itself, WannaSmile attempts to help protect computers against this ransomware, as described below.

WannaCry, also known as WannaCrypt, WanaCrypt0r, WCrypt, or WCRY uses a vulnerability in Microsoft’s SMB, turned on by default. Running as a Windows service (use “setup.exe” and start the service manually or run WannaSmile.exe with administrator rights), WannaSmile turns off the SMB (although you can also do this operation manually).

Additionally, it makes use of the kill-switch found by MalwareTech and adds the known addresses that stop the malware from spreading in the “hosts” file of Windows.

As you can imagine, this is just a temporary fix. Modified versions of WannaCry have already been observed, with no kill-switch. Therefore, WannaSmile might not be effective against WannaCry 2.0.

The only permanent solution is to update your operating system, especially if you are using an older Windows iteration. Furthermore, it is highly advisable you install a reliable antivirus solution and scan your PC periodically. Cautious online behavior is also mandatory to avoid ransomware infections. WannaSmile can only contribute to preventing WannaCry from reaching your PC, but it does not remove the ransomware if the machine is already infected.

System requirements

  • Administrator rights
  • .NET Framework 4.5.2

Leave a Reply

Your email address will not be published.