Companies around the globe are preparing for an imminent cyberattack as offices re-open on Monday, media reports said.
Cybersecurity experts predict that the scope of the attack could expand as people return to work and resume work on computers, CNN reported on Monday.
Though a British security researcher, MalwareTech, managed to stop the spread of the virus, hackers have issued new versions that cybersecurity organisations are trying to counter.
“We will get a decryption tool eventually, but for the moment, it’s still a live threat and we’re still in disaster recovery mode,” the report quoted Europol Director Rob Wainwright as saying.
MalwareTech has predicted “another one coming… quite likely on Monday”, the BBC reported on Sunday.
The biggest ever ransomware attacks that started on Friday have wrecked havoc across globe, crippling computers and demanding hundreds of dollars from the users before they could regain control.
After taking computers over, the virus displayed messages demanding a payment of $300 in virtual currency Bitcoin to unlock files and return them to the user.
The number of ransomware-affected cases is still rising.
Europol has been analysing the virus and is yet to identify the hacking group behind the massive attacks.
MalwareTech, who wants to remain anonymous, was hailed as an “accidental hero” after registering a domain name to track the spread of the virus, which actually ended up halting it.
“We have stopped this one, but there will be another one coming and it will not be stoppable by us,” the 22-year-old said.
“So there’s a good chance they are going to do it… maybe not this weekend, but quite likely on Monday morning.”
He also warned hackers could upgrade the virus to remove the “kill switch” that helped to stop it.
“Version 1 of WannaCrypt was stoppable but version 2.0 will likely remove the flaw. You’re only safe if you patch as soon as possible,” he tweeted.
Investigators are working to track down those responsible for the ransomware used on Friday, known as Wanna Decryptor or WannaCry.
The virus exploits a vulnerability in Microsoft Windows software, first identified by the US National Security Agency.