WannaFix Proposal, "Why not use the WannaCry exploit to our advantage?"
Cyber Security Forensic Expert Simon Smith of eVestigator, an Australian-based firm, has come up with a novel idea. Why not use the exploit to cure the exploit?
By: Simon Smith eVestigator
Amongst decompiling the WannaCry malware in the morning of the 15th May 2017, Mr. Smith of eVestigator was tracking IP traffic, monitoring incoming and outgoing packets and finding TOR exit nodes, not surprisingly. Mr. Smith did capture packets sending traffic to a University of NSW TOR exit node, and it is only one leg in the transaction. Mr. Smith has written an updated TOR browser for iOS and is a specialist Expert Witness in Cryptology, Bitcoin, the Dark Web and Blockchain amongst other High-tech areas of IT Forensics.
Following an interview returning from SBS World News, which aired last night in Melbourne, Mr. Smith had an idea about the Ransomware and spread it through his social network. He sent this message on the 15 May 2017 to his 26,000 LinkedIn Quality Connections and large Twitter followers and to a large audience on Facebook. He woke up to find that his idea was well received and not so out there after all. Mr. Smith is an innovative person and is always looking for solutions. It read as follows:
"I just had a brilliant idea! If we #WannaFix this fast why don't we spread the patch using the same exploit in the masses. Get all ISPs to place a red letter in every bill, meanwhile we broadcast through the entire DNS a flood of a variation of this that simply executes a wrapped up version of the Microsoft patches with all versions built in. It's brilliant! What do you think? Simon Smith, Cyber Security Forensic Investigator"
This morning, he looked at the number of views and thought, "Well that's not such a bad idea" and came up with a concept of packaging a self-extracting EXE file for all operating systems that would tunnel through the same exact exploit. Instead of vulnerable computers seeing #WannaCry or #WannaCrypt they would see #WannaFix. This would be a perfect way to compete with this #Ransomware. Mr. Smith mocked up a screen attached. It would be validated against a third party trusted SSL server (preferably Microsoft) and must have a unique GUID per EXE that matches a list on the server.
Mr. Smith proposes that Microsoft, the NCCU, other interested Cyber security experts as well as himself promptly put this application together as Australia is one country that has just also started to see this ransomware. Mr. Smith predicts that the 'lazy opportunists' will be onto this exploit asking for much larger sums in Bitcoin sooner rather than later.
Mr. Smith proposes this potential innovative solution to Microsoft, the NCCU, and Interested Parties and wishes to work with such teams to help package such a solution.
(Remember, humans are the weakest link in any System. Technology comes second!)
Vote for Simon Smith as the 2018 Cyber Professional of the Year before
eVestigator Cyber Forensic IT & Expert Witness Svc