Cybersecurity experts have said the majority of the attacks targeted Russia, Ukraine and Taiwan. As per the Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre), ransomware spreads by using a vulnerability in implementations of "Server Message Block" (SMB) in Windows systems.
"Thus by registering it we inadvertently stopped any subsequent infections", he told CNNTech.
"This kind of ransomware attack has been becoming much more common in recent months so in a way it's perhaps no surprise".
The ransomware worm that stopped vehicle factories, hospitals, shops and schools over the weekend worldwide, with Asia having escaped the worst so far, could wreak fresh havoc on Monday when employees log back on, cyber security experts warned.
One of the theories is that the attack is primarily an attempt to embarrass the U.S. NSA and the intelligence community.More news: Fed holds rate steady, notes slower economic growth
Ransomware has a habit of mutating and so it changes over time in order to find different ways to access computers or to get around patches (operating system updates that often include security updates).
The patches won't do any good for machines that have already been hit. "Most folks that have paid up appear to have paid the initial $300 in the first few hours".
"Because Bitcoin is anonymous and untraceable, it's very hard to find where that money is going so you're sending it to a numbered account and until you can put an identity with a numbered account, you can't prosecute the person doing the crime", Wilkinson said. "However, because WannaCrypt used a single hardcoded domain, my registartion [sic] of it caused all infections globally to believe they were inside a sandbox and exit".
Seven hospitals remained on A&E divert on Sunday afternoon, with ambulances taking emergency patients elsewhere, NHS England said.
Now, the company is offering free security fixes to everyone affected. State media reported that digital payment systems at some gas stations were offline, forcing customers to pay cash.
Security experts warn there is no guarantee that access will be granted after payment. "We held an assessment meeting today and have found that 102 systems of the Andhra Police have been infected with ransomware", Gulshan Rai, director general, CERT-In, said.More news: Bindi Irwin makes late father Steve proud
On Saturday, Microsoft said it had released updates for older systems.
A massive ransomware attack is now spreading like a tsunami around the world, hitting high profile targets like UK's National Health Service and disabling Spain's Telefonica carrier.
"We are in the second wave", Matthieu Suiche of United Arab Emirates-based cybersecurity company Comae Technologies said.
Another security research firm, MalwareTech, has created a page monitoring the attacks.
Europol said its cyber-crime team, EC3, was working closely with affected countries to "mitigate the threat and assist victims".More news: Victory meant more to the GOP than the health of millions — LUPICA
- Canelo Alvarez Destroys Julio Cesar Chavez Jr, Will Challenge GGG Next
- Serena Williams confirms she is pregnant with first child
- Trump speaks with new South Korean president
- With new president, new faces for French parliament
- "Nothing Further to Add": Spicer Shuts Down Questions on Trump's Tapes Tweet
- Europe is bracing for a laptop ban on flights to America
- Spurs prepare for White Hart Lane farewell
- Memphis man who set himself on fire, livestreamed it on Facebook dies
- National Basketball Association suspends Wizards forward Kelly Oubre Jr. for Game 4 against Celtics
- Elgin-area congressman: If Trump has tapes, Oversight Committee should have them