So far there has been no progress reported in efforts to determine who launched the plot. Users of these older Operating systems are advised to upgrade as soon as they can and to turn Windows Update on if it's disabled.
They exploited a ideal storm of factors - the Windows hole, the ability to get ransom paid in digital currency, poor security practices - but it's unclear if the payoff, at least so far, was worth the trouble.
However, the authors of the "WannaCry" ransomware attack told their victims the amount they must pay would double if they did not comply within three days of the original infection - by Monday, in most cases.
Malware, which ransomware is a type of, are often transmitted via email or online through compromised websites.
On Wednesday security firms Bitdefender and Proofpoint found hackers using the same exploit to spread cryptocurrency-mining malware called Adylkuzz. Avast, which was founded in 1988 by two Czech researchers, said the largest number of attacks appeared to be aimed at Russia, Ukraine and Taiwan, but that major institutions in many other countries were affected.
A young cyber security researcher had accidentally found the kill switch of the ransomware by sheer luck and purchased an unregistered domain name for $10.69 in order to stop the attack.
The "kill" function had not been activated by whoever unleashed the ransomware, and the researcher found that the secret URL had not been registered to anyone by worldwide internet administrators.
WanaCryptor 2.0 is only part of the problem.
Not only is security the responsibility of the manufacturer, but also of the consumer as the latter is responsible for updating their devices to the latest software provided to protect against such attacks.
The exploit, known as "EternalBlue" or "MS17-010", took advantage of a vulnerability in the Microsoft software that reportedly had been discovered and developed by the U.S. National Security Agency, which used it for surveillance activities. WannaCry, however, does not discriminate and has taken over not only general users' computers, but also large-scale organizations as well. Whatever its source, it was published on the internet last month by a hacker group called ShadowBrokers. "Microsoft issued an emergency patch over the weekend addressing this situation for those people".
Blaming Microsoft for not providing free custom support to its customers who were using old Windows software that may have slowed down "WannaCrypt" attack, a media report has said the tech giant charged a fortune for the custom support for older versions, including Windows XP that was discontinued in 2014.
Ransomware is just one of the ways that cybercriminals profit from weak computer security. The firm said it had warned about the exponential growth of ransomware, or crimeware, as well as the dangers of sophisticated surveillance tools used by governments. Unfortunately, however, a new variant of the program is already in the wild. A "critical" patch had been issued by Microsoft on March 14 to remove the underlying vulnerability for supported systems, almost two months before the attack, but many organizations had not yet applied it. Governments and private enterprise alike were affected by the attack with everyone from the UK's National Health Service to the Russian Interior Ministry to global shipping company FedEx reporting disrupted operations on account of the ransomware. Linux, Mac or any unix based OS are not affected. "As of now, the ransom, which hackers have collected, has gone upto $50,000".