lazarusholic

• Reported: 2017-05
• Locations: Worldwide, Russian Federation, Japan, United Kingdom, France, Korea, Republic of, India, China, Germany, Spain, Indonesia, Brazil, United States
• Motivations: #FinancialGain

The WannaCry ransomware attack (May 2017) was a global cryptoworm outbreak that exploited the leaked NSA-developed EternalBlue vulnerability in Microsoft Windows SMBv1, enabling it to self-propagate automatically across networks without user interaction; once infected, systems had their files encrypted and were held for ransom ($300–$600 in Bitcoin), rapidly spreading to over 200,000–230,000 systems in more than 150 countries within days, severely disrupting critical sectors such as healthcare (e.g., hospitals), transportation, and telecommunications, with estimated damages reaching hundreds of millions to billions of dollars; although Microsoft had released a patch prior to the attack, widespread failure to update systems allowed mass exploitation, and while a discovered “kill switch” eventually slowed the spread, the incident became a landmark example of wormable ransomware leveraging leaked state-developed exploits, highlighting the catastrophic impact of unpatched vulnerabilities and marking a turning point in global cybersecurity awareness.