WanaCrypt0r 2.0 has been spreading like wildfire and causing severe impact to individuals and businesses alike. Wcry not only is a crypto-ransomware variant, but packages a leaked NSA exploit with it (MS17-010), creating a self-propagating ransomware worm.
To protect our clients and now the general public, Rendition Infosec has released TearSt0pper. Simply put, TearSt0pper creates a mutex (mutual exclusion object) that will prevent WanaCrypt0r 2.0/Wcry from infecting a system.
Slow patching cycles by organizations for MS17-010 coupled with Wcry modifications leaves many still vulnerable to infection and spread. TearSt0pper by Rendition Infosec stops the tears and can be run from any user privilege as tested. This means administrators can deploy TearSt0pper throughout the enterprise as a group policy object, etc. without requiring the binary to be run as Administrator.
Protect systems from future infection by WanaCry with TearSt0pper and CONTINUE TO PATCH MS17-010.
Important notes:
Download TearSt0pper (and register for update notifications) here. As Rendition is reasonably certain that WCry will mutate to include additional payloads, we highly recommend that you register for update notification so we can let you know when new versions of TearSt0pper are available. Your information will never be shared with a third party (because we hate that too).
This will be copy area - something to the effect of estimated ship time if applicable