No, Windows XP didn’t fuel WannaCry

The global WannaCry attack that started 10 days ago touched just a handful of Windows XP PCs, a security expert said Monday, contradicting the narrative that the aged OS was largely responsible for the ransomware’s crippling impact.

“There were no real WannaCry infections of Windows XP,” said Costin Raiu, director of Kaspersky Lab’s global research and analysis team, in an interview Monday. “We’ve seen only a handful of cases, less than a dozen, and it looks like most of them were testers [self-infecting systems].”

Raiu’s claim countered an assertion made by virtually every media report and blog post published after “WannaCry” emerged June 12. Countless news stories blamed Windows XP, which Microsoft retired three years ago, for falling victim to the attack because the vulnerability that WannaCry exploited had not been patched in the obsolete OS.

To read this article in full or to leave a comment, please click here