The internal computer network of the Ministry of Internal Affairs of Russia was struck by ransomware WannaCry (a.k.a. WannaCrypt0r, or WCry), reports Varlamov.ru referring to several sources familiar with the situation.
The source of MediaZone in the Ministry of Internal Affairs confirmed the fact of infecting the computers of the Ministry. According to him, the attack affected departments in several regions.
The virus encrypts user files, modifies their extension and requires a special decryptor that can be bought for bitcoins. Otherwise, the files will be deleted.
According to users at the forum of Kaspersky Lab, the virus first appeared in February 2017, but then “was updated and now looks different than previous versions.”
The press service of Kaspersky could not promptly comment on the incident, but promised to release a statement in the near future.
Employee of Avast Jakub Kroustek said on Twitter that at least 36,000 computers were infected in Russia, Ukraine and Taiwan.
— Jakub Kroustek (@JakubKroustek) May 12, 2017
There were also reports about infection of computers in public hospitals in several regions of the UK, and an attack on Spanish telecommunications company Telefonica.
Also, Meduza website was anonymously informed by employees of Russia telecom giant MegaFon that the company also suffered from the same attack. According to the sources, this was the same attack as on hospitals in the UK: computers were also blocked, and the virus demanded a ransom.