CrowdStrike Falcon Prevents WannaCry Ransomware

Wanna (also known as WannaCry, WCry, WanaCrypt and WanaCrypt0r) ransomware exploded onto the ransomware scene on May 12, 2017, with a mass campaign impacting organizations in many countries. This second variant of the ransomware has been leveraging the EternalBlue (MS-17010) vulnerability, released by the Shadow Brokers actors (CrowdStrike Falcon Intelligence subscribers, see CSA-17082), in order to spread over victim networks via the Windows file sharing protocol, Server Message Block (SMB), following an initial infection.