How to protect against the WannaCry attacks if you use Kaspersky Lab solutions for business
We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.
Accept and close



Safety 101: Protection tips


How to protect against the WannaCry attacks if you use Kaspersky Lab solutions for business

Back to "Protection tips"
2018 Sep 03 ID: 13698

Kaspersky Lab engineers have analyzed the information on the cases of infection with the WannaCry file-encrypting malware, which attacked a number of companies around the world on May, 12.

The attack was implemented through the Microsoft Security Bulletin MS17-010 network vulnerability. The rootkit was installed on the infected computers, through which the file-encrypting malware was run.

All Kaspersky Lab solutions now detect this rootkit as MEM:Trojan.Win64.EquationDrug.gen. Kaspersky Lab solutions also detect the encryption malware which was used during this attack under the following names:

  • Trojan-Ransom.Win32.Scatter.uf
  • Trojan-Ransom.Win32.Gen.djd
  • Trojan-Ransom.Win32.Wanna.b
  • Trojan-Ransom.Win32.Wanna.c
  • Trojan-Ransom.Win32.Wanna.d
  • Trojan-Ransom.Win32.Wanna.f
  • Trojan-Ransom.Win32.Zapchast.i
  • Trojan.Win64.EquationDrug.gen
  • PDM:Trojan.Win32.Generic
  • Intrusion.Win.DoublePulsar.a

We recommend that the companies perform the following actions to minimize the risk of infection:

To view the detailed guide for your Kaspersky Lab solution, see the section How to avoid network infection later in this article.

Kaspersky Lab experts are currently analyzing the malware samples to find decryption options.

For detailed information about the WannaCry attacks, please refer to the Kaspersky Lab report.


How to disinfect the network if you use a Kaspersky Lab antivirus solution


How to disinfect the network if you use other antiivirus solutions


How to prevent the infection


How to distribute the Microsoft update through Kaspersky Security Center


How to use the computers safely without installing the Microsoft update

Was this information helpful?
Yes No
Thank you


Have you found what you were looking for?

Please let us know how we can make this website more comfortable for you

Send feedback Send feedback

Thank you!

Thank you for submitting your feedback.
We will review your feedback shortly.


How can we improve this article?

We will not be able to contact you if you leave your email address or phone number. To contact technical support, please sign in to your Personal Account.

Submit Submit

Thank you for your feedback!

Your suggestions will help improve this article.