I think I installed something called WannaCry in a Qube

I was using a Windows VM Qube to download some educational videos about some educational topics.

The video ended in .exe and I thought it was compressed. I clicked on the exe and windows started to open. It said it was WannaCry.

I had not known about WannaCry, but it was not the educational video I expected.

I went to Qubes manager and deleted my entire WindowsVM with Windows Tools. Everything in it is gone. It took me a very long time to install WindowsTools and the USB recognition in the WindowsVM.

It took so long to install the Tools and USB that I made 3 clones of the Windows Qubes after I installed them. I did lose 3 educational videos, but I was planning on deleting them within 20 minutes so this is okay.

My other Qubes seemed okay. My homework is in the SchoolVM. Could the WannaCry go to my other Qubes?

1 Like

If the WannaCry file was only downloaded within that (now deleted) VM and you did not copy it anywhere else, you should* be absolutely fine.

* Unless the ‘WannaCry’ file contained a 0-day exploit that targets Xen or your specific firmware. But I highly doubt that.

1 Like

No. If it really was WannaCry (or any other typical Windows malware) there’s no way it could touch other qubes.

The worst thing that could happen is that while the Windows malware is running, it is producing malicious traffic and your ISP might temporarily block your connection. And obviously it can steal documents from your Windows qube.

1 Like

> Unless the ‘WannaCry’ file contained a 0-day exploit that targets Xen or your specific firmware. But I highly doubt that.

Shouldn’t the firmware be completely safe, if no PCI device is connected to the app qube and the attack does not use any 0-day Xen exploit?

I mean, there is no physical firmware connected to the qube, everything is virtualized in an abstract layer (please correct me if I am wrong).

2 Likes

I’ve never seen anything like that during my quite long professional career. I’d pay a lot of money to get infected with 0-day Xen malware. I’d present it around the world and get famous.

Typical "WannaCry"s are extremely stupid pieces of software.

I’m not saying that’s science fiction, but definitely not in the domain of mass malware. I mean, who would be so stupid as to leave such a gem to some random “click me” executables on the internet?

1 Like