These guys just don’t stop, do they?
Well, in the past when people used to mention about ransom money, it was implicit that one of your loved ones has come into the vicinity of grave danger.
But, thanks to these guys, it’s definition has become more “personal”. With their latest cybercrime gimmicks, your personal and office files have come under the radar of destruction, and, you just cannot keep calm. The latest addition to the family of ransomware attacks is Petya, also known as Petawrap.
Petya global ransomware has come a little after the “month of Wanna Cry” got over and has already shown its wreath in the likes of Ukraine, Netherlands, Romania, France, Norway, Britain, Russia, and, Spain. Not taking more than some cloudy hours, the cyber attack has already spread through some of the major companies in USA and India as well.
The cyber attack was first observed in Russia when their biggest oil company got shut down due to the assault. Later, It has unrolled itself to various government organizations, banks, hospitals, etc. in Ukraine. Our beloved Cadbury factory at Hobart, Australia is the latest addition to the list of companies who have become the victim of its cyber-destructive nature. Though, it has been articulated that it lacks the essential zeal to destroy because the Petya ransomware uses a variant of Eternal Blue, a flabbergasted software made to exploit the fundamental features of a computer including reading and writing into files. However, most of the systems have been left unhindered as the month-old Wanna Cry ransomware used a similar kind of technology to unfold itself into the computer and many organisations have learned it the hard way.
Origin of Petya Ransomware and its Implications
Its origin is still unknown, and it has been said that it demands from its victim a ransom of 300$ in Bitcoins for the decryption key. However, whether they really provide you with the key afterwards, is yet to be known. Petya attacks the core of the system while leveraging essential networking tools such as PsExec and Windows Management Instrumentation (WMI). Although, Windows had provided an update for the patches but, as not many people have installed the same, they come under the list of vulnerables. The virus has already infected thousands of systems across the globe and planning to increase that ratio up to many folds. (Wow! At least someone is working to achieve its goal. Poor virus; we can’t help him win this time!).
What is Petya and How it Works?
It encrypts the master boot files using service message block vulnerability of the windows, which is another add on to the list of files that Wanna cry loved to attack. After the attack, a message is generally displayed on the user’s screen telling him that the files on his computer have been encrypted and can not be opened until and unless he decides to pay up. The virus is spreading in the form of spam mail or a “bad text” hidden in a beautiful piece of content. Currently, it’s targeting only larger organizations to maximize the damage but who can predict about machines or viruses lately. So, you need to stay vigilant in case it loses its interests in the “sharks” and handsome money as well.
In case you have already been attacked, then, to tell you honestly pay up as that ship has already sailed a long ago.
In case you haven’t then the following steps are advised to be taken, immediately!
— Update your virus right now if not already done.
— Don’t be hasty while clicking! Hover over to the blue link to know if it is getting you to somewhere familiar or leaving you in the midst of thin air. If you have any doubts left whatsoever about the sender of a specific mail, then avert your gaze immediately and click open another tab asking the internet about the legitimacy of the topic.
–Do a complete backup. As the virus has become a recent hit (in a negative sense, obviously!), a lot of research has to be made to know its implications and possible remedies. So, you are suggested to perform a backup of your important systems and store it somewhere safe where the virus can’t touch it. (We have just been transported to the old game of hide and seek, where at the end of the day it all comes down to who is a better seeker or who is the master of the valley).
— Update Your System Applications and also install the latest update on patches provided by Microsoft.
We’ll update you even further on the topic as soon as we catch the wind of the further possible ramifications. Make sure to check out this space for more information on Petya ransomware.
Tips to Prevent Petya Ransomware From Infecting Your System:
- Enable your popup blocker: Pop-ups and ads in the websites are the most adoptable tactic used by cyber criminals or developers with the core intention to spread malicious programs like Petya Ransomware. So, avoid clicking uncertain sites, software offers, pop-ups etc.
- Keep your Windows Updated:To avoid such infections, we recommend that you should always keep your system updated through automatic windows update. By doing this you can keep your device free from virus. According to survey, outdated/older versions of windows operating system are an easy target.
- Third party installation:Try to avoid freeware download websites as they usually install bundled of software with any installer or stub file.
- Regular Back up: Regular and periodical backup helps you to keep your data safe in case the system is infected by any kind of virus or any other infection. Thus always backup important files regularly on a cloud drive or an external hard drive.
- Always have an Anti-Virus: Precaution is better than cure. We recommend that you install an antivirus like McAfee or a good Malware Removal Tool like Free Malware RemovalTool. Apart from this we would suggest a regular updating of these software to detect and avoid latest infections.