Wana Decrypt0r (Wanacry Ransomware) – Computerphile – Digitalmunition

Videos 1591225009_maxresdefault.jpg

Published on June 3rd, 2020 📆 | 5845 Views ⚑


Wana Decrypt0r (Wanacry Ransomware) – Computerphile

$300 or your files are toast: Dr Pound takes a look at the latest ransomware to be doing the rounds.

How Wana Decrypt0r encrypts files:

Microsoft Blog:
Professor Ross Anderson’s blog:
MalwareTech’s blog:

End to End Encryption:
Internet of Things Problems:

This video was filmed and edited by Sean Riley.

Computer Science at the University of Nottingham:

Computerphile is a sister project to Brady Haran’s Numberphile. More at

Tagged with:

48 Responses to Wana Decrypt0r (Wanacry Ransomware) – Computerphile

  1. Would you not just disable the update service, to disable windows 10 updates?

  2. Random folk: You shouldn't update Windows, it gets slower.
    Me: *Shows up this video*

  3. J H says:

    This really drags on…

  4. The dns lookup seems really weird. Any theory on why they included that?

  5. I can talking you plz your Email sent him!-

  6. SkinnyCow says:

    Hence why you use Linux. Fewer computers operate using this OS so its less profitable to invest time into hacking than Windows.

  7. Turn off your PC because you have no business running XP

  8. I do have business running XP quite literally. But I'm a computer science security researcher like yourself. They used to call me a white-hat hacker, then a certified ethical hacker (I still have that cert somewhere, maybe on CompTIA? IDK) now they call me a security researcher, but it doesn't matter the title, the job remains the same, find and plug the holes fast enough to keep the ship sailing. WannaCry was bussy work for me. I infected 3 hyper visors and was stressed out thinking I was gonna have to infect an isolated physical machine just to get a foothold when it hit the news… so by the time most of you heard about it, I was knee deep in a $h¡t-storm of it lol. Anyways, my point is lost on me so I'mma stop here.

  9. In 2019, it still encrypts files but the timer until deletion and the timer of money raise is broken and it says money raise in: 1/1/1970

  10. You can turn off updates in Windows 10, you just have to use Policy Editor. I don't let MS update my machine because they always want to do it at the wrong time. MS also needs to put a 'Cancel This Update' right next to 'Do Not Turn Off Your Computer.'

  11. And to think this could have been stopped if people actually updated their computers.

  12. P Kelly says:

    The folks who get paid the ransom, is it not possible for the law to pursue them ? Is the ransom paid into a traceable bank account ?

  13. "If you're running XP, the first think you should do is turn off your machine because you have no business running XP" proceeds then to pick a booger out of his nose and smear it on his shirt

  14. 4:13 when he says "first found by the NSA" would it be more accurate to say "exploit put in by Microsoft at the request of the NSA" ?

  15. 1:55 or you do a script on some op machines and decrypt 😀

  16. Mike could wear a gladiator outfit in these videos, to stop him from picking his left shoulder every 45 seconds… After watching 4 videos it is like "wtFF dude cmon take that shirt off please"

  17. toko099o says:

    Ransom ware is only as strong as the info on your machine is valuable.

  18. shody ryon says:

    the video is from 2017. in 2020 would you run a container rather than a VM?

  19. Forced updates, or forced anything is always a bad idea, because it actively fights against the freedom of the user.

  20. Get off Windows and install a more secure OS

  21. in France you found XP in many Banks as "laposte", I seen it when there is "bugs" on money distributors…. even if they have a special "XP" it is surprising to see that we "French" are so late on things.

  22. W Pontius says:

    WannaCry is still infecting PCs (2020) because patches are not being installed. Ever worse SMBv1 still lingers on in Windows 10.

  23. If I remember correctly, it would encrypt files with AES with a randomly generated key. An asymmetric key pair would then be created and the AES key encrypted with the public key. The private key would be stored on their server for retrieval after paying them the ransom.

  24. What if behind …Wanna cry was a Script kiddie who didn't know what he was doing

  25. Some guy: Oh cool, that ransomware links to some non-existent site, i can track how it spreads if i register it-
    ransomware: dies immediately after the site is created
    Some guy: cough skill

  26. 14:50 Nope I have my windows updates turned of for over 2 years now and i’m running windows 10 Pro.

  27. Ben Smart says:

    "If you're running XP, the first thing you should do is turn off your machine because you got no business running XP"
    That's an absolutely perfect quote, thank you Mike

  28. Vortex _ says:

    So the MalwareTech dude that he was talking about, he found the killswitch and then was hailed a hero. He lived in the UK and went to Las Vegas for a vacation and guess what? The FBI arrested him at the airport. It's because in his younger years when he was learning how to hack, he made a malware which he mistakenly sold to someone. The malware was then incorporated with Kronos which led to sensitive bank information to be leaked. He had trials and he wasn't allowed to leave the U.S. nor, was he allowed to legally work there for 18 months. He finally gave up and accepted his charges. On the day of his sentencing, the Judge let him go as he had done the world a huge favor by finding the killswitch and disabling WanaCry ransomware. A very interesting documentary, indeed! {also, when he was arrested, he was left on bail on a bond of $30k, his story got out in his country and the very second day, the community had paid it off completely!}

  29. Interestingly 2 of 3 known wannacry btc wallets are still active

  30. Vaishnav M says:

    antivirus quarantine 🙁
    0:18 second last line..

  31. wfang3456 says:

    Vulnerability from XP till Windows 7, Damn N_A =_=

  32. Vince G says:

    Talking about this like its the Corona Virus

  33. keyserxx says:

    Windows 10 updates will try to install updates. Sometimes those updates fail to install for whatever reason (bug) and happily go on unpatched until its noticed by a sysadmin.

  34. This is why bikes should never ride on the same spaces as cars.

  35. This gent is doing things for me with his intelligence and simple explanations.
    Aside that – this channel is fantastic. Thank you.

  36. j2simpso says:

    11:51 COVID-19 has entered the chat 🤦‍♂️

  37. its a wake up to jump onto Linux, nothing better then free and open source tested software.

  38. you cant really expect ppl who hacked the NSA to report there finding to Microsoft ….how would they do it ?? leave a contact info ??

  39. 8:50 – I seriously don't understand what could be the benefit of that. Why not just shut down? Like encrypt itself? I dunno.. so strange…

  40. Kaymax says:

    What are the books on the shelf?

  41. Your teeth look like the ends of muenster cheese.

  42. I hate automatic updates. Why does it always have to restart the computer? I now use a different OS. It updates, and rarely asks for a full restart.

  43. 10:15
    What is up with China and viruses !!?

  44. SamZcko says:

    Hey mike, I know you aren't reading this but thank you so much for being a breath of fresh air when defending Microsoft (the company I do tech support for). We get calls daily from customers who still in 2020 have not upgraded to Windows 10 and blame us for getting a virus on their machine running Windows 7. Thank you Michael Pound!!!

  45. Space Man says:

    THANK YOU – someone who finally doesn't uselessly complain about the first world problem of Windows Updates!

Leave a Reply