The WannaCry ransomware attack is an ongoing cyberattack of the WannaCry ransomware computer worm targeting Microsoft Windows operating system encrypting data and demanding ransom payments in the cryptocurrency bitcoin. The attack first stared on May 12, 2017 infecting more than 2,30,000 computers in over 150 countries. Ransomware usually infects a computer when a user opens a phishing email and although such emails have been alleged to be used to infect machines with WannaCry. Once installed, WannaCry uses the Eternalblue exploit and Double Pulsar backdoor developed by the US National Security Agency to spread through local networks and remote hosts that have not been updated with the most recent security updates to directly infect and exposed systems.
A "critical" patch had been issued by Microsoft on 14 March 2017 to remove the underlying vulnerability for supported systems, nearly two months before the attack, but many organizations had not yet applied it.