Petya ransomware

Yet another big ransomware attack has started taking out computers and businesses around the world. This one is called Petya. It is using the exploit from WannaCry so if you have already patched up your system then you should be safe. At least until another variant comes out. Below you can see the image of the current ransom message.

Petya

Cyber security experts say this variant is much higher in quality. It seems to have been made by a more professional-grade group. They think the virus first took hold in the Ukraine. By using a local news site and a popular accounting package it silently infects computers. Then this virus could leap from computer to computer over a local network. The only good thing is this variant could not autonomously go on the internet to look for its next victims.

Petya infecting supermarket

Prevent Ransomware

There are already reports of other variants but I do not know much about them so it is hard to say what they can do and how they infect. The best you can do is to keep your computer up to date. Also check out my post on 4 ways to prevent ransomware.

Update: Someone found a file that acts like a Vaccine to the current variant of Petya. That may be something to look into. https://www.bleepingcomputer.com/news/security/vaccine-not-killswitch-found-for-petya-notpetya-ransomware-outbreak/

Update: I am hearing that if you type “Disable-WindowsOptionalFeature -Online -FeatureName smb1protocol” into PowerShell this will stop it from jumping from computer to computer.

SPREAD THE WORD

Leave a Reply

Your email address will not be published. Required fields are marked *