How a 22‑Year‑Old Anti‑Virus Hero Accidentally Knocked Out a Global Ransomware Attack
May 13, 2017 – The Day “MalwareTech” Became a Hero (and a Bit of a Badass)
In a twist of fate that could only happen in the world of cybersecurity, a 22‑year‑old researcher known as MalwareTech unintentionally stopped a massive ransomware campaign that had hit thousands of computers in over a hundred countries—including the NHS.
The “Accidental” Kill Switch
- Turns out the attackers had built a kill switch into their software: if the malware ever tried to contact a specific domain, it would halt operations.
- MalwareTech registered that domain— without realizing the life‑saving effect—literally shutting off every new infection.
- He tweeted his relief: “I’ll admit it was accidental—after I registered the domain, I found it stopped the malware. I can only add ‘accidentally stopped an international cyber attack’ to my résumé.”
- He added, “As long as the domain isn’t revoked, this strain will stay dormant. Patch your systems ASAP—because they’ll try again if you’re lax.”
Sky News Gets the Scoop
When asked, MalwareTech told Sky News that the kill switch was discovered just three hours after the domain purchase. “It killed every infection that checked our C2 (command & control) server,” he explained. “Even though the exploit was a polished NSA leak, the ransomware itself was kind of amateurish.”
Learning from a ‘Happy Accident’
MalwareTech wrote a detailed blog post titled How to Accidentally Stop a Global Cyberattack—a must‑read for anyone curious about the science of serendipitous cybersecurity.
Curious about the full story? Read the entire event recap or stay in the loop by subscribing directly to updates!
