Scanning The Dark Web

So what did WannaCry connect to? Well, once installed on a machine (through unpatched SMB shares on Windows), the ransomware first downloaded the Tor program, and then connected directly to five addresses:

gx7ekbenv2riucmf.onion
57g7spgrzlojinas.onion
xxlvbrloxvriy2c5.onion
76jdd2ir2embyv47.onion
cwwnhwhlz52maqm7.onion

Increasingly we see applications and, especially, malware, connecting directly to…
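As an added example (not code from the original article), the sketch below searches a byte buffer such as a file or memory region for embedded onion addresses, in both ASCII and UTF-16LE form, and marks those that appear in the list above. The names `find_onions`, `LISTED` and `SAMPLE` are hypothetical, and the sample buffer is constructed for illustration.

```python
import re

# The five addresses listed above, without the ".onion" suffix.
LISTED = {
    "gx7ekbenv2riucmf", "57g7spgrzlojinas", "xxlvbrloxvriy2c5",
    "76jdd2ir2embyv47", "cwwnhwhlz52maqm7",
}

# Onion labels are base32 (a-z, 2-7): 16 characters (v2, as above) or 56 (v3).
# The lookbehind stops a match from starting inside a longer base32 run.
ASCII_RE = re.compile(
    rb"(?<![a-z2-7])([a-z2-7]{56}|[a-z2-7]{16})\.onion", re.I)
# Same pattern for UTF-16LE strings, where a NUL byte follows each character.
WIDE_RE = re.compile(
    rb"(?<![a-z2-7]\x00)((?:[a-z2-7]\x00){56}|(?:[a-z2-7]\x00){16})"
    rb"\.\x00o\x00n\x00i\x00o\x00n\x00", re.I)

def find_onions(data: bytes):
    """Return sorted (label, encoding, verdict) tuples found in data."""
    hits = set()
    for regex, encoding in ((ASCII_RE, "ascii"), (WIDE_RE, "utf-16le")):
        for match in regex.finditer(data):
            label = match.group(1).replace(b"\x00", b"").decode("ascii").lower()
            verdict = "listed" if label in LISTED else "unlisted"
            hits.add((label, encoding, verdict))
    return sorted(hits)

# Constructed sample buffer standing in for a file or memory region.
SAMPLE = (
    b"\x00\x01cfg\x00gx7ekbenv2riucmf.onion;57g7spgrzlojinas.onion;\x00"
    + "xxlvbrloxvriy2c5.onion".encode("utf-16-le")   # wide string
    + b"\xff\xfe76JDD2IR2EMBYV47.ONION\x00"           # upper case
    + b"abcdefghijklmnop.onion\x00"                   # well-formed, unlisted
    + b"a" * 20 + b".onion"                           # too long: not an address
)

if __name__ == "__main__":
    for hit in find_onions(SAMPLE):
        print(*hit)
```

An unlisted hit is still worth triage, since a well-formed onion address inside a binary or document is unusual on most hosts.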

Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice