Ransomware: What You Need To Know About The Latest Global Weapon
The malicious program has spread to dozens of countries. The "Petya" cyberattack that has now struck computers in at least 65 countries can be traced to a Ukrainian company's tax accounting software, Microsoft says. The complexity of the attack has fueled debate over whether the malware is a new threat or a more sophisticated version of the Petya malware that was used in an attack last spring.
But Microsoft says the ransomware is "a new variant" of Petya, adding that it has issued new security updates to protect computers running its Windows software.
Other anti-virus companies have also updated their software, in an attempt to limit the damage. The initial infection can be traced to tax accounting software from a Ukrainian company called M.
That connection was the subject of speculation Tuesday, but Microsoft now says it "has evidence that a few active infections of the ransomware initially started from the legitimate MEDoc updater process." Petya is still affecting airports and ATMs in Ukraine and hampering international businesses from the shipping giant Maersk to the drug company Merck.
Let's not be aggressive. This is not a generic Killswitch like MalwareTechBlog found, it's a temporary workaround. The malware is being compared to the WannaCry outbreak that struck computers in more than countries last month — but so far, at least, Petya seems to be spreading more slowly.
But in a move that has caused some controversy, German email company Posteo blocked the email address the Petya hackers were using to confirm ransom payments. While some cybersecurity experts have praised the approach, others note that users whose files are held hostage have now lost their sole point of contact.
WannaCry was largely undone by the discovery of a "kill switch" that could shut it down. No such kill switch has been found so far with Petya, and experts are still working to find a way to stop it.
But security researcher Amit Serper of Boston's Cybereason has identified a method that essentially acts as a vaccine for computers infected by the malware. His method tricks the ransomware into thinking that it's already operating on a machine. Serper is being widely praised for the innovation — but he says the fix is "a temporary workaround." Security experts also are divided on what to call the ransomware.
Some analysts have dubbed the malware "NotPetya," to reflect the differences from the original. Others call it "Goldeneye" — the name of another recent strain of the Petya ransomware. Polish researcher Hasherezade says that because core elements of the malware's code still resemble the original, "it is fair to call it a new step in the evolution of Petya."
WannaCry was based on exploits stolen from the National Security Agency — including a program called EternalBlue, which exploited a Microsoft vulnerability. Using some of the same exploits, Petya has the ability to worm through computer networks, gathering passwords and credentials and spreading itself.
After a self-imposed delay of at least 10 minutes, the malware uses a reboot to encrypt files. At that point, users see a fake black-and-white "CHKDSK" message on their screen that claims an error has occurred and that the system is checking the integrity of the disk.
This is the last chance, security experts say, for users to power down their computers and protect their files before they're encrypted and held for ransom. The WannaCry outbreak prompted many network administrators to update their security patches.
But as the story of an IT worker in Scotland shows, Petya can still sometimes find a way into those machines, by collecting passwords and credentials from an unpatched computer and using them to get into patched machines. On his blog, Scott doesn't identify his employer, but he says:
The Two-Way, June 28, 9: