WannaCry Ransomware
2023-01-17 • Any Run
WannaCry is a network cryptoworm: a ransomware family that spread by exploiting vulnerable SMB implementations on older, unpatched Windows systems rather than relying mainly on malicious email attachments. Once on a host it encrypted files, directed victims to a Bitcoin payment page, and used the EternalBlue exploit to propagate to any exposed system it could reach; the outbreak that began on 2017-05-12 infected more than 200,000 computers in 150 countries within a day. EternalBlue had been leaked by The Shadow Brokers and was subsequently adopted by North Korean operators; attribution accounts vary between a direct order from the North Korean government and the Lazarus Group. The kill-switch domain registered by Marcus Hutchins, together with a second domain registered by Matt Suiche for a later variant, sharply reduced the spread. The check only suppresses the payload on hosts that can actually reach the domain, however, so EternalBlue-based variants and unpatched legacy systems remain a continuing risk.
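As an added example (this is not Any Run's code and not part of the original page), the following Python implements two detections for the behaviours described above and runs them over constructed sample logs: a DNS query for the kill-switch domain, which a host only issues once the worm body is already executing, and SMB fan-out, a single source opening TCP/445 to many distinct destinations within a short window, the scanning pattern of EternalBlue propagation. The domain name `killswitch-domain.example`, the log formats and every log line are constructed placeholders; substitute the real value from the IOC table and your own resolver and flow logs.

```python
"""Two WannaCry-style detections over constructed sample logs.

Added example, not Any Run's code. Everything below (domain name, log
formats, log lines) is constructed for illustration.
"""
from __future__ import annotations

from collections import Counter
from datetime import datetime, timedelta

# Assumption: placeholder standing in for the kill-switch FQDN(s) in the
# IOC table. Replace with the real value(s) before use.
KILL_SWITCH_DOMAINS = {"killswitch-domain.example"}

# Constructed resolver log: "<timestamp> <client> query <qtype> <name>"
DNS_LOG = """\
2017-05-12T07:44:01 10.0.0.15 query A killswitch-domain.example
2017-05-12T07:44:02 10.0.0.40 query A fileserver.corp.example
2017-05-12T07:44:09 10.0.0.15 query A killswitch-domain.example
"""

# Constructed flow log: "<timestamp> <src> <dst> <dport> <flags>".
# 10.0.0.15 sweeps fifteen neighbours on 445 in 15 seconds (worm);
# 10.0.0.40 and 10.0.0.41 talk to one or two file servers (benign).
FLOW_LOG = "\n".join(
    [f"2017-05-12T07:44:{5 + i:02d} 10.0.0.15 10.0.0.{21 + i} 445 SYN"
     for i in range(15)]
    + [
        "2017-05-12T07:44:07 10.0.0.40 10.0.0.50 445 SYN",
        "2017-05-12T07:44:12 10.0.0.40 10.0.0.50 445 SYN",
        "2017-05-12T07:44:30 10.0.0.41 10.0.0.50 445 SYN",
        "2017-05-12T07:44:31 10.0.0.41 10.0.0.51 445 SYN",
        "2017-05-12T07:50:00 10.0.0.40 10.0.0.50 445 SYN",
    ]
) + "\n"


def parse_ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%S")


def kill_switch_queries(dns_log: str, domains=KILL_SWITCH_DOMAINS) -> list[tuple[str, str, str]]:
    """Return (timestamp, client, name) for every query naming a kill-switch domain.

    Whether the lookup resolves is irrelevant for detection: the worm only
    performs the check after it is already running on the client.
    """
    hits = []
    for line in dns_log.splitlines():
        if not line.strip():
            continue
        ts, client, _, _, name = line.split()
        if name.lower().rstrip(".") in domains:
            hits.append((ts, client, name))
    return hits


def smb_fanout(flow_log: str, threshold: int = 10,
               window: timedelta = timedelta(seconds=60)) -> dict[str, int]:
    """Flag sources that open TCP/445 to >= `threshold` distinct destinations
    inside any `window`. Returns {src: peak distinct destinations} for flagged
    sources only. A normal client reaches a few file servers; a worm sweeps a
    subnet, so the distinct-destination count separates the two.
    """
    events: dict[str, list[tuple[datetime, str]]] = {}
    for line in flow_log.splitlines():
        if not line.strip():
            continue
        ts, src, dst, dport, flags = line.split()
        if dport != "445" or "SYN" not in flags:
            continue
        events.setdefault(src, []).append((parse_ts(ts), dst))

    flagged: dict[str, int] = {}
    for src, evs in events.items():
        evs.sort()
        in_window: Counter = Counter()   # dst -> SYNs inside the sliding window
        left = 0
        peak = 0
        for ts, dst in evs:
            in_window[dst] += 1
            # Slide the left edge forward until the window fits.
            while ts - evs[left][0] > window:
                old = evs[left][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                left += 1
            peak = max(peak, len(in_window))
        if peak >= threshold:
            flagged[src] = peak
    return flagged


if __name__ == "__main__":
    for ts, client, name in kill_switch_queries(DNS_LOG):
        print(f"kill-switch lookup: {ts} {client} -> {name}")
    for src, n in smb_fanout(FLOW_LOG).items():
        print(f"SMB fan-out: {src} reached {n} distinct hosts on 445 within 60s")
```

The fan-out threshold and window are tuning knobs: on a flat office network a threshold of ten distinct 445 peers per minute is far above normal client behaviour, while domain controllers, backup hosts and vulnerability scanners will trip it and should be allow-listed rather than having the threshold raised for everyone.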
Indicators of Compromise
| Type | Value | First Seen | Last Seen |
|---|---|---|---|
| DOMAIN | iuqerfsodp9ifjaposdfjhgosurijfa… | 2017-05-12 | 2023-01-17 |