#WannaFix Proposal by Cyber Security Expert Simon Smith — Use the exploit to our advantage?
MELBOURNE, Australia — 16 May 2017
Cyber Security Forensic Expert & Software and Social Engineer calls for support in a new conceptual idea
Amongst decompiling the malware in the morning of the 15th May 2017, Mr. Smith of eVestigator was tracking IP traffic, monitoring incoming and outgoing packets and finding TOR exit nodes — not surprisingly. Mr. Smith did capture Australia sending some traffic to assist the criminals from the University of NSW TOR exit node, but that is the way TOR works, and it is only one leg in the transaction. It is an anonymous network. Mr. Smith has written an updated TOR browser for iOS and is a specialist Expert Witness in Cryptology, Bitcoin, the Dark Web and Blockchain amongst all other High-tech areas of IT Forensics.
Following an interview returning from SBS World News which aired last night in Melbourne, Mr. Smith had an idea about the Ransomware and spread it through his social network. He sent this message on the 15 May 2017 to his 26,000 LinkedIn Quality Connections and large twitter followers and to a large audience on Facebook. He woke up to find that his idea was well received and not so out there after all. Mr. Smith is an innovative person and is always looking for solutions. It read as follows:
“I just had a brilliant idea! If we #WannaFix this fast why don’t we spread the patch using the same exploit in the masses. Get all ISPs to place a red letter in every bill, meanwhile we broadcast through the entire DNS a flood of a variation of this that simply executes a wrapped up version of the Microsoft patches with all versions built in. It’s brilliant! What do you think? Simon “Smith. Cyber Security Forensic Investigator”
This morning, he looked at the number of views and thought, “well that’s not such a bad idea”, and came up with a concept of package a self extracting EXE file for all operating systems that would tunnel through the same exact exploit. Instead of vulnerable computers seeing #WannaCry or #WannaCrypt they would see #WannaFix. This would be a perfect way to compete with this #Ransomware. Mr. Smith mocked up a sample below. It would be validated against a third party server that would be trusted and must have a unique ID per EXE that matches a list entry on the server.
Mr. Smith proposes that Microsoft, the NCCU, other interested Cyber security experts as well as himself promptly put this application together as Australia is one country that has just also started to see this ransomware. Mr. Smith predicts that the ‘lazy opportunists’ will be onto this exploit asking for much larger sums in Bitcoin sooner rather than later.
Mr. Smith proposes this potential innovative solution to Microsoft, the NCCU, and Interested Parties and wishes to work with such teams to help package such a solution.
Remember, humans are the weakest link in any System.
Technology comes second!
🏆Vote for Simon Smith as the 2018 Cyber Professional of the Year before December: https://cybersecurity-excellence-awards.com/candidates/simon-smith/ Direct: +61410643121
Connect for Insights and Media Requests on LinkedIn: https://www.linkedin.com/in/simonsmithinvestigator
Subscribe to all media interviews via my YouTube Channel by clicking here: https://www.youtube.com/c/evestigatorAu/?sub_confirmation=1