The WannaCry/WannaCrypt malware outbreak of May 12th presents a powerful opportunity to reflect upon the endpoint security architecture to understand the role of the various defense layers that comprise it and we will probably hear about this in months to come. In the meantime, there are things that can and should be done immediately.

To assist organizations and individuals who may be concerned that human error may infect their endpoints with WannaCry, we have released a free, downloadable tool that automatically immunizes your endpoints. With this vaccinator, Minerva takes advantage of malware behavior that avoids infecting the same system twice, once it identifies a mutex infection marker on the machine. By simulating the infection marker that WannaCry uses to determine whether it’s already on the endpoint, Minerva’s vaccinator prevents it from running and encrypting your machine.

You may download the compiled tool from our GitHub repository, please follow the instructions in the README file:

WannaCry checks if the mutex infection marker already exists


Avoid Paying Ransom with Minerva

Although many commercial tools with a baseline antivirus can protect against ransomware, facts show that they may not have been deployed to servers for various reasons, which allowed the ransomware to infect. Minerva customers who enabled our Ransomware Protection had their files protected against WannaCry and were not forced to pay the ransom. This is the last line of defense that allows enterprises to restore files that might have been encrypted.

See how it works: