During one of those infections, WannaCry infected the honeypot in a mere three minutes after it was reset, showing the aggressive nature of the ransomware’s scanning module, which helps it spread to new victims.
Remind you that the ransomware was defanged via a kill-switch researchers found in its code, but this test shows how quickly new infections will be made if this kill switch wouldn’t have been discovered.
Furthermore, three minutes is about the same amount of time IoT malware will infect a vulnerable home router left connected to the Internet without patches.
According to data from the MalwareTech botnet tracker, the WannaCry ransomware has made over 223,000 victims since it started to spread on Friday afternoon.
Across the large number of infections, researchers have discovered that the authors of the ransomware have used only three Bitcoin addresses to receive payments [1, 2, 3].
At the time of writing, these three Bitcoin wallets hold 17.309 Bitcoin, which is around $31,600. Compared to the number of infections, the WannaCry gang has failed to capitalize on their tool.
