Re: [44net] the current worldwide Windows ransomware situation

It is not that easy unfortunately. You can hide your a** when you register a domain. Vpn/tor/ etc and use stolen credit cards to do so. Also, the virus is in the wild and self replicating and infecting others. Infection does not only come from the origin domain, but also from every other infected computer which will scan it's networks for other windows computers and try to exploit and infect those.. Ruben - ON3RVH > On 13 May 2017, at 06:53, R P &lt;ronenp(a)hotmail.com&gt; wrote: > > (Please trim inclusions from previous messages) > _______________________________________________ > IM not sure that this is the right group but as i wrote before here we have top experts in it field so Ill try > > I read the explain on the virus in the sites ... > > The domain is well known .. someone pay for it > > is it so problem to catch the person who paid for this domain ??? > > what about shutting out this domain and by that stop the spread of the software ? > > > > ________________________________ > > > http://blog.talosintelligence.com/2017/05/wannacry.html > [https://4.bp.blogspot.com/-nDcKns-tCMg/WRYv1PfUO_I/AAAAAAAAA_Q/ZWhZcAtqCYsx… > > Player 3 Has Entered the Game: Say Hello to 'WannaCry'<http://blog.talosintelligence.com/2017/05/wannacry.html> > blog.talosintelligence.com > A blog about the world class Intelligence Group, Talos, Cisco's Intelligence Group > > > > > https://securelist.com/blog/incidents/78351/wannacry-ransomware-used-in-wid… > WannaCry ransomware used in widespread attacks all over the world - Securelist<https://securelist.com/blog/incidents/78351/wannacry-ransomwa… > securelist.com > Earlier today, our products detected and successfully blocked a large number of ransomware attacks around the world. In these attacks, data is encrypted with > > > > > > _________________________________________ > 44Net mailing list > 44Net(a)hamradio.ucsd.edu > http://hamradio.ucsd.edu/mailman/listinfo/44net >