It was Friday, May 12, 2017, when a lot of people across the world turned on their computers (or even ATMs, ticket machines, and POS terminals) and got the same nasty surprise. Instead of spreadsheets or hospital patient records, screens lit up with a black-and-red ransom note. The note, titled “Wanna Decrypt0r,” and later known as “WannaCry,” said files were locked and the only way back was to pay in Bitcoin. To top it off, it had two little links at the bottom: “About Bitcoin” and “How to Buy Bitcoin.” For many people, this was the first time they had ever seen the word. In one stroke, a piece of ransomware managed to give the world a crash course in crypto. It was frightening, but also strangely educational, and the images of that ransom screen became one of the most recognizable computer messages of the decade. For many people, this was the first time they had ever seen the word. In one stroke, a piece of ransomware managed to give the world a crash course in crypto. What Was WannaCry WannaCry wasn’t the first ransomware, but it was the one that spread like wildfire. Ransomware is a type of malware that locks up your files until you pay, and this one was special because it acted like a very infectious worm. Instead of waiting for someone to download a shady attachment, it jumped from machine to machine on its own. The victims didn’t do anything to catch it. That’s what made it so disruptive. Within two days, over 200,000 computers in more than 150 countries were infected. were infected were infected It all came from a Windows vulnerability in the file-sharing system known as Server Message Block (SMB). The exploit, called EternalBlue, was reportedly developed by the US National Security Agency (NSA) and leaked online by a hacking group called the Shadow Brokers. Once WannaCry developers had this tool in their hands, it was like finding the master key to office buildings everywhere. Hospitals, universities, factories, government offices, and embedded systems (ATMs, POS terminals, and other service machines) were suddenly at the mercy of the same cartoonish ransom note. The exploit, called EternalBlue, was reportedly developed by the US National Security Agency (NSA) and leaked online by a hacking group called the Shadow Brokers. embedded systems embedded systems https://x.com/amtinits/status/863166195461238784?embedable=true https://x.com/amtinits/status/863166195461238784?embedable=true The ransom demanded $300 worth of Bitcoin, later raised to $600. Victims were told they had three days to pay, or the price would double, and seven days before their files would be gone forever. It blocked a lot of vital systems too, which meant not only were files at stake. The countdown clock on the ransom screen only made the pressure worse. How It Spread and Stopped What made WannaCry so terrifying was the speed. It didn’t just infect one unlucky employee in an office. It jumped across entire computer networks. In the UK, the National Health Service (NHS) was one of the hardest hit. Doctors and nurses found themselves unable to access patient records, surgeries were canceled, and ambulances were diverted. Across the ocean, FedEx reported disruptions, and in Asia, companies like Honda and Hitachi had to shut down parts of their operations. Over 55 big companies, hospitals, universities, and governmental organizations reported infections, including the Andhra Pradesh Police (India), Deutsche Bahn (German Railway), Dharmais Cancer Hospital (Indonesia), the National Health Institute (Colombia), LATAM Airlines (Chile), the Ministry of Internal Affairs of the Russian Federation, PetroChina, Portugal Telecom, the Justice Court of São Paulo, Telefónica Spain, University of Montreal (Canada), and many more. Across the ocean, FedEx reported disruptions, and in Asia, companies like Honda and Hitachi had to shut down parts of their operations. Over 55 big companies, hospitals, universities, and governmental organizations reported infections The total global cost was estimated in billions, not exactly from ransoms, but for the needed time and money to make the machines operational again. And yet, the whole thing ended with what might be one of the strangest acts of cyber-heroism in history. was estimated was estimated A young security researcher named Marcus Hutchins discovered that the malware checked for a nonsense web domain before spreading. He registered that domain for about $10, which accidentally triggered the kill switch and slowed the outbreak. It didn’t fix infected machines, but it stopped the worm from claiming new victims. One cheap domain name had saved thousands of networks. A young security researcher named Marcus Hutchins discovered that the malware checked for a nonsense web domain before spreading. He registered that domain for about $10, which accidentally triggered the kill switch and slowed the outbreak. discovered discovered Of course, the story didn’t just end with relief. Copycats tweaked the code and released new versions. Companies scrambled to patch their systems. And governments had to answer tough questions about why leaked cyberweapons were floating around the Internet in the first place. Screens Everywhere Once the dust settled a bit, WannaCry became more than a cautionary tale. It became a meme. People started pasting the ransom screen on every device they could find, just for fun. Laptops, smartphones, coffee machines, printers, smart watches. Someone even mocked up images of the WannaCry screen taking over the bridge consoles on the Star Trek Enterprise. It was a way of taking back control, turning a nightmare into a joke, and showing that if your files were gone, at least your sense of humor wasn’t. https://x.com/new_orleansjazz/status/864133471773511680?embedable=true https://x.com/new_orleansjazz/status/864133471773511680?embedable=true The irony is that this strange kind of Internet graffiti gave even more visibility to the ransom note. And with it, those two little links about Bitcoin. For most of the general public in 2017, Bitcoin was still a mysterious thing that geeks and traders talked about. But here it was, plastered on office desktops, hospital monitors, and viral memes. The irony is that this strange kind of Internet graffiti gave even more visibility to the ransom note. And with it, those two little links about Bitcoin Suddenly, the question wasn’t “What is Bitcoin?” in a tech forum. It was your boss asking in a panic, “How do we buy Bitcoin to pay for this thing?” Even though experts advised against paying and most victims never did, the visibility was massive. There were thousands of individuals and organizations worldwide with infected computers, but the rest also had it on their screens anyway, in the form of news and memes. The Aftermath In the months after the outbreak, headlines went from shock to analysis. Microsoft (and Edward Snowden) publicly criticized governments for stockpiling vulnerabilities instead of disclosing them. The NHS did a deep review of its outdated systems, eventually investing more in cyber defense, but not as much as recommended. Security firms and researchers released endless write-ups about the WannaCry and how to avoid the next disaster. A key to recover encrypted files for free was released as well. On the other hand, a copycat for Android devices targeted users in China. Edward Snowden Edward Snowden criticized criticized as recommended as recommended WannaCry WannaCry was released was released targeted targeted On the crypto side, things got a bit complicated. Bitcoin got a reputation problem (again, because let’s not forget Silk Road). To people who had only heard about it through WannaCry, it sounded like the currency of criminals. At the same time, coverage about tracking the ransom wallets showed that Bitcoin wasn’t as untraceable as many had thought. Investigators could follow the flow of coins on the blockchain, even if they couldn’t always reach the people behind it. Bitcoin got a reputation problem (again, because let’s not forget Silk Road). To people who had only heard about it through WannaCry, it sounded like the currency of criminals. Silk Road Silk Road could follow could follow Over the years, sadly, hackers received around 54.6 BTC (that’d be around $6.2 million today) insome of the wallets tied to this malware. By the end of 2017, the year of WannaCry, Bitcoin also hit its first huge price rally, soaring to almost $20,000. For better or worse, it was the year crypto broke into mainstream news, and that ransom screen with its bright Bitcoin logos was part of the story. some of the wallets some of the wallets Lessons and Odd Legacies Looking back, WannaCry feels like one of those moments when the world woke up to two things at once: the dangers of neglected cybersecurity, and the strange new reality of cryptocurrencies. For every office that scrambled to install patches, there was a kitchen table where someone asked what Bitcoin was. And for every hospital crisis meeting, there was a meme of the ransom note taped onto a smart fridge. As dark as it was, the episode put crypto on the map. It proved that money native to the Internet could appear in unexpected places, good or bad. Bitcoin’s name was widespread, and this eased the discovery of other crypto networks. Other projects were already experimenting with different approaches to decentralization. As dark as it was, the episode put crypto on the map. It proved that money native to the Internet could appear in unexpected places, good or bad was widespread was widespread Obyte, for instance, had launched months earlier, in 2016. At the time, it was distributing most of its supply to Bitcoin holders, linking its growth to Bitcoin’s early community. Unlike the Bitcoin blockchain, Obyte is based on a Directed Acyclic Graph (DAG), designed to be censorship resistant from the beginning. Obyte Obyte Over the years, this turned out to be important. Ransomware attacks have decreased, while censorship and surveillance emerged as major global concerns. have decreased have decreased global concerns global concerns What was once seen as geeky or shady now looks like part of the solution. Obyte continues to focus on community-driven applications and censorship-resistant payments and communications. The takeaway is this: security matters, history is full of odd twists, and sometimes the scariest stories become the ones people remember with a grin years later. WannaCry will always be remembered as the day Bitcoin landed on screens worldwide. What people do with crypto since then, from memes to networks like Obyte, is the story still unfolding. Featured Vector Image by Freepik Featured Vector Image by Freepik Freepik Freepik
