The Microsoft Tax: Leaked NSA malware hijacks Windows PCs worldwide; Macintosh unaffected

“In mid-April, an arsenal of powerful software tools apparently designed by the NSA to infect and control Windows computers was leaked by an entity known only as the ‘Shadow Brokers,'” Sam Biddle reports for The Intercept. “Not even a whole month later, the hypothetical threat that criminals would use the tools against the general public has become real, and tens of thousands of computers worldwide are now crippled by an unknown party demanding ransom.”

“The malware worm taking over the computers goes by the names ‘WannaCry’ or ‘Wanna Decryptor.’ It spreads from machine to machine silently and remains invisible to users until it unveils itself as so-called ransomware, telling users that all their files have been encrypted with a key known only to the attacker and that they will be locked out until they pay $300 to an anonymous party using the cryptocurrency Bitcoin,” Biddle reports. “At this point, one’s computer would be rendered useless for anything other than paying said ransom.”

“According to experts tracking and analyzing the worm and its spread, this could be one of the worst-ever recorded attacks of its kind. The security researcher who tweets and blogs as MalwareTech told The Intercept, ‘I’ve never seen anything like this with ransomware,’ and ‘the last worm of this degree I can remember is Conficker,'” Biddle reports. “Conficker was a notorious Windows worm first spotted in 2008; it went on to infect over 9 million computers in nearly 200 countries.”

Read more in the full article here.

“An ‘accidental hero’ has halted the global spread of the WannaCry ransomware, reportedly by spending a few dollars on registering a domain name hidden in the malware,” Olivia Solon reports for The Guardian. “A UK cybersecurity researcher tweeting as @malwaretechblog, with the help of Darien Huss from security firm Proofpoint, found and activated a ‘kill switch’ in the malicious software.”

“The switch was hardcoded into the malware in case the creator wanted to stop it spreading. This involved a very long nonsensical domain name that the malware makes a request to – just as if it was looking up any website – and if the request comes back and shows that the domain is live, the kill switch takes effect and the malware stops spreading,” Solon reports. “‘I saw it wasn’t registered and thought, ‘I think I’ll have that,” he is reported as saying. The purchase cost him $10.69. Immediately, the domain name was registering thousands of connections every second.”

Solon reports, “The kill switch won’t help anyone whose computer is already infected with the ransomware, and and it’s possible that there are other variants of the malware with different kill switches that will continue to spread.”

Read more in the full article here.

MacDailyNews Take: The Microsoft Tax is the gift that keeps on giving.

Windows sufferers: Get rid of that upside-down and backwards fake and get a real Mac.

USB Kill 2.0 can destroy any Windows PC in seconds, Apple Macintosh unaffected – September 12, 2016
The Microsoft Tax: Malicious worm on Skype lets hackers hold Windows PCs for ransom; Macintosh unaffected – October 10, 2012
The Microsoft Tax: Critical Windows flaw affects millions of high-value PCs with self-replicating attacks – March 13, 2012
The Microsoft Tax: Virus infects Windows PC control systems of US Predator and Reaper drones – October 8, 2011
The Microsoft Tax: ‘Indestructible’ botnet attacks millions of Windows PCs; Macintosh unaffected – July 1, 2011
The Microsoft tax: Stuxnet computer worm infects Microsoft’s porous Windows OS; Mac unaffected – September 27, 2010
The Microsoft Tax: New undetectable Windows trojan empties bank accounts worldwide; Mac unaffected – August 11, 2010
The Microsoft Tax: Windows zero-day flaw exposes users to code execution attack; Mac unaffected – August 09, 2010
The Microsoft Tax: Critical flaw lets hackers take remote control of Windows PCs; Mac unaffected – August 07, 2010
The Microsoft Tax: New attack bypasses every Windows XP security product tested; Mac unaffected – May 11, 2010
The Microsoft Tax: McAfee correctly identifies Windows as malware; Macintosh unaffected – April 21, 2010
The Microsoft Tax: DNS Windows PC Trojan poses as iPhone unlock utility; Mac and iPhone unaffected – April 15, 2010
The Microsoft Tax: 1-in-10 Windows PCs still vulnerable to Conficker worm; Macintosh unaffected – April 08, 2010
The Microsoft Tax: 74,000 Windows PCs in 2,500 companies attacked globally; Mac users unaffected – February 18, 2010
The Microsoft Tax: Widespread attacks exploit Internet Explorer flaw; Macintosh unaffected – January 22, 2010
The Microsoft Tax: Windows 7 zero-day flaw enables attackers to cripple PCs; Macintosh unaffected – November 16, 2009
The Microsoft Tax: Windows 7 flaw allows attackers to remotely crash PCs; Macintosh unaffected – November 12, 2009
The Microsoft Tax: Windows virus delivers child porn to PCs, users go to jail; Mac users unaffected – November 09, 2009
The Microsoft Tax: Worms infest Windows PCs worldwide; Mac users unaffected – November 02, 2009
The Microsoft Tax: Banking Trojan horse steals money from Windows sufferers; Mac users unaffected – September 30, 2009
The Microsoft Tax: Serious Windows security flaw lets hackers to take over PCs; Macintosh unaffected – July 07, 2009
The Microsoft Tax: Windows Conficker worm hits hospital devices; Macintosh unaffected – April 29, 2009
The Microsoft Tax: Conficker virus begins to attack Windows PCs; Macintosh unaffected – April 27, 2009
The Microsoft Tax: Conficker’s estimated economic cost: $9.1 billion – April 24, 2009


    1. Yeah, this is all about people too cheap to upgrade from Windows XP. And MDN thinks they’ll buy macs?? You gotta be sh!tting me. And it won’t stop people from using Winblows. Seen this for years.

    2. Are you really that ignorant of this whole topic and all previous emails similar to yours saying “nyah, nyah, Mac gets malware too.” Are you just a stupid, annoying troll who knows that what you say is not true.

      Okay – one more time…

      IT’S NOT THE SAME THING. The malware described in your reference that requires opening a zip file attached to an email and installing a program. This is not remotely on the same level as a program that spreads itself and is invisible until the harm is done.

      As has been said a million times before — no one who knows anything says the Mac CANNOT be attacked. What we say is that the chance is infinitesimal compared to Windows.

      1. Still needs human interaction to spread … … Still wonder why amateurs and blog editors think they know how things do and do not work – and why …. I even heard mention yet again of the Windows copied Apples GUI (albeit veiled) … Get a grip … XEROX sued and won against Apple … MS licensed things legally … But hey … If Trump can get elected, we know propaganda and BS works …LOL ….. A properly configured Windows enterprise is 10 times more practical and efficient … Can’t blame MS for careless users any more than you can blame Ford when you drive over school kids when you’re drunk …. Anyway…i hate typing on phones …

        1. Sorry Scott (Frank or whatever shortname you prefer being called – you are all the same): Apple was in agreement with Xerox of the elements in the gui it could use. Apple significantly improved on Xerox rather crude gui. M$ oth stole and was sued by Apple for it. The case was dropped by Steve when he returned to the dying company in return for a deal where among other things M$ promised to continue developing its office-suit for macos. If it would not Steve thought it would be more or less over for Apple. These are the FACTS and stop spreading hour altfacts!

    3. Idiots like this anonymous coward who can’t tell the difference between a “trojan horse” (which all systems are vulnerable to) and a self-spreading “virus” (which macOS has NEVER been vulnerable to) should stop making fools of themselves in public.

    4. Clearly, you have very troubled relationship with facts. This history is extremely well documented, it is truly embarrassing for someone to try to pass such blatant inaccuracies as truth.

      For the record, for a millionth time, Apple got GUI from Xerox in accordance with the contract they had. In exchange for a certain number of AAPL shares (at the time, the hottest company in the Silicon Valley), XEROX would let Apple look at its PARC team’s work. Much later, when Xerox realised the magnitude of their mistake (giving away GUI in exchange for just a few shares of AAPL), they sued. And the suit was dismissed.

      There is a very accurate definition of behaviour such as yours. It is called trolling. When you confront a person, or group of persons, with an opinion contrary to theirs, and in such opinion use inaccuracies, with the sole purpose of frustrating, angering or annoying the other person(s), rather than engaging in a legitimate discussion, you meet the definition of a troll.

  1. Apple fanboys gloat while making excuses. A self-replicating worm is worse than malware hidden in a zip file. This is the equivalent of saying being killed by an IED is more deadly than being killed by a sniper’s bullet.

    1. Lol what? More like a sniper bullet vs a package that’s ticking labelled “OPEN ME. I’M TOTALLY NOT A BOMB.”

      Yes, the outcomes are just as bad, but with one you can choose not to participate in the first place.

      1. The analogy of a sniper’s bullet is absolutely correct. Some Mac users are to stupid to realize that opening that zip file is the equivalent of poking one’s head out and making themselves a perfect target. The entire fact that you even mention the fact that the zip file is dangerous is because you know that some Mac users are too stupid or ignorant of the problem. The myth of Mac user super-intelligence is just that.

    2. Frank… Another stupid and empty troll comparison…

      A self-replicating worm or virus is not equivalent to an IED.
      The former can hit anywhere in the world. The latter can only affect you in very confined areas of a very small number of countries.

      And malware hidden in a zip file is not the equivalent of a sniper’s bullet.
      The damage from the former has to be CHOSEN and ACTIVATED by the victim.

      So no – no equivalence… no connections anywhere… you have made no point at all.

      Get out of your mommy’s basement.
      Go back to school.
      Learn how to think.
      Learn what “logic” means.
      And get some therapy.

        1. Well, that is VERY creepy, Frankie — since my mother is dead. But I’ve heard that people like you exist. I just didn’t believe it.

          Anyway, your age becomes clear. What? About 14?

    3. Frank, you’re exposing your ignorance on the subject. Let me put it in terms you can understand. Imagine you have a home with the best MAC locks that money can buy. Thieves don’t even bother trying to open the locks. Instead, they knock on the door and say, “Hey Frank! Open up.,It’s me Beans! 😋😋”. So you dutifully open the magnificent lock and allow your friend in, even give him a key while you’re at it, all before realizing it’s not really Beans at all, but an imposter!” Fake Beans then goes through all your shit, tossing out your Security for Dummies books, and doing all sorts of damage. Well at least it’s just your stuff. You gonna blame the lock for that Frank?

      Now imagine you live in a gated community call Happy Windoze Farms, in Redmond, Ca. Imagine that there is an underground tunnel that connects to all the houses. This time fake Beans gains access bypassing your gate, entering the tunnel, and he is able to enter all the homes and come and go as he pleases through the tunnel. Then when he decides to, he brings in friends and they all take up secret residence in the homes, then on his command, they wreak home invasion havoc.

      Yes, quite a bit worse, don’t you think?

  2. MDN should have been “The Microsoft Tax is the gift that keeps on taking.”

    Frank apparently doesn’t have much to do but post. In other words he has a lot of free time, not doing much work, … or … he is a paid shill.

    #1: We are not “fanboys”, but business users who have picked the “least vulnerable OS” to run most of our business, which is an entirely logical reason for Apple use.

    #2: “Up-time” pays off handsomely for Apple users. Yes I use Win7 and will soon run Win10 in Boot Camp because some valuable and pricey software is only available there. But once that software is installed, it will never see the light of a network connection again, except for specific needed application upgrades.

    #3: Speed, great security/updates & ease-of-use counts. It saves time and lessens errors. That means a more productive business.

    Frank can use/promote Windows all he wants but millions of users of MS OS found out the disruption cost over the last few days can be enormous. Frank can’t justify MS when things like that can be AVOIDED at least up to date today with other operating systems.

    1. Least vulnerable is the same as less dead or Mac OS is still vulnerable or Mac users are still vulnerable or Mac vulnerability is a feature but PC vulnerability is a flaw?

  3. The amazing thing is that a researcher in the UK accidentally killed the worm by gaining access to a website link. This may the worm think the PC and all other infected machines were in a sandbox and caused it to delete itself. Infected machines still encrypted but the worm is not spreading any more. M$ got lucky.

    1. You are running a close second to Frank in the stupid department. Go back and read the article slowly as many times as is necessary until you realize the difference between what the article says about the NSA and what you said.

  4. The only tolerable version of Windows is one NOT connected to the Internet. Then you can’t download virus and malware, can’t install MS Windows 10 upgrades unexpectedly, losing work and time.

      1. Sometimes you are there to do the job you are hired to do. Doesn’t make you less intelligent. It means you can work with/for someone.

        Facts: Admins using Windows when Apple was on the rails, in the 90’s would have been appreciated. Admins using Windows servers would have been appreciated when Apple chose to stop development and sales of the xServe. There are more Red Hat boxes begging deployed today than anyone recalls. Windows deployments are down while Linux / Chrome is up.

        Again, the good guys make recommendations and do their jobs, despite the decisions, as best they can, because they care. Sometimes it goes their way and sometimes it doesn’t.

        You can’t blame Microsoft so much as the NSA, for maintaining a weaponized library of tools and exploits of Windows libraries. SMB is an international standard, developed by IBM. Then note keeping a tight grip on its distribution. This is likened to a digital bio-weapon, why was it left in a place to be stollen, in the first place?

        So recap, what’s wrong with admins, a lack of intelligence or a preponderance of duty?

  5. Funny and not so much. My brother was due an emergency bypass op which got cancelled. No blood data, no drug medication data past or ongoing, all health info gone…it took all hospital phones off the network and the wifi, test results, appointments …the lot.
    I can’t imagine the stress being suffered by him and thousands of other more serious cases, plus all the hospital and medical staff having to cope.
    Some heads need to roll but of course the only ones targeted will be the hapless under payed, over worked, under resourced IT staff. The NSA? Microsoft? probably zero repercussions with legal responsibility opt outs.
    Did someone mention swamps?

    1. Hmmm, according to reports, no true emergency surgeries were canceled. What was your brother’s location?

      Are you aware the NSA discovered the exploit and did not create or spread the ransomware? Are you also aware they didn’t leak the knowledge that the vulnerability existed? And are you suggesting because MS has a weakness/bug that others found they should be financially responsible for institutions and companies failure to patch when MS wrote and distributed a patch?

      The only thing I hate more than bullshit is stupid rants by the uneducated.

      1. Are you for real?
        Read this…
        Then STFU with your imbecilic know-nothing crap. Did you even bother to read the article? NSA – gross security incompetence. Microsoft – incompetence personified with an OS that still sh*ts daily on the majority of the worlds users and corporations…costing $B’s in wasted assets. And you don’t think that’s a crime?

        “The only thing I hate more than bullshit is stupid rants by the uneducated.”

        Such a moronic lack of irony.

  6. To the MDN headline:
    Of course a Windows hack would not impact a Macintosh unless it has Boot Camp or a Hypervisor with Windows installed. One would not expect a Windows exploit to hit a Macintosh.
    Next, no Windows 10 computers were impacted. Windows 8 and earlier only. Most were running Windows XP, which was EOLed some time ago.
    Next, there are reports of Ransomware hitting Macintosh computers. Security begins at home.

      1. Windows 7 and 8 had patches out that fixed the vulnerability in March.

        As to Hospitals, the vendors largely lock their systems down and are responsible for keeping the OS and applications SW current. Years ago they were mostly built on UNIX and these days- sadly- Windows and sometimes Red Hat LINUX.

        We pay a King’s ransom for Service Contracts and this weekend we had no systems running on Windows impacted and most run Windows 7. I was there and was responsible for all of it. The only problems we had with Windows was the usual BS one encounters with Microsoft SW, but no ransomware and yes, everything is on the network.

        Our hospital has a very strict set of IT policies- plug a USB drive into any equipment without consent in advance on a need basis and it is a termination offense. No shit.

        The truth of the matter is that those who got bit were not current on their SW updates. Microsoft EOLed XP, but had patches in place for 7 & 8 – 10 was not impacted.

  7. I read a few replies of people calling others here idiots, morons, etc., grew tired of it, but here’s what I’d like to see some do: real research to try to determine how much money Windows has cost the world since it’s been used. Y2K, Son of Y2K, on and on. I hope someone makes an attempt at finding out.

  8. Well, anybody still using XP deserves what they got. A fully patched W10 or W7 machine, with updated AV and malware protection has little to fear from this. It is gullible people clicking on or opening stuff they shouldn’t that is the weakest link here. Can’t cure stupidity.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.