After finding the reference to this domain in the Trojan’s code, the researcher registered the domain, thus suspending the attack. In the remainder of the day, the domain was addressed tens of thousands of times, which means that tens of thousands of computers were spared.
Unfortunately, there is currently no way to decrypt files that have been encrypted by WannaCry, however there are researchers right now totally dedicated to this kind of cyber threat.
The attack started on Friday, 12 May 2017, infecting more than 230,000 computers in 150 countries, with the software demanding ransom payments in the cryptocurrency Bitcoin in 28 languages.
The hack tricks unsuspecting users into opening infected Word documents which subsequently run malicious macros once the file has been loaded.
By attacking business networks, servers and devices, hackers are accessing secrets and confidential strategies and creating huge losses for the overall economy.