Another ransomware attack is here, and it's spreading fast
Share This Article:
Another global-scale cyberattacks hit Russia, Britain and the US yesterday, disrupting a number of different industries and governments and restricting radiation checks at the Chernobyl power plant.
Happening just a month after the WannaCry ransomware virus that targeted the NHS, endangering several people, the new string of the malware called Petya allegedly originated in Ukraine and then spread to Spain, Germany, Israel, the UK, Netherlands and the US.
Marco Cova, a researcher at the US cybersecurity company Lastline, commented for The Times by saying that Petya looked “very similar in its dynamics and techniques” to Wannacry and appeared to rely on the same piece of software, called EternalBlue, to help it spreading.
He added: “If it is confirmed that EternalBlue is the only spreading mechanism, there will be inevitable questions about how organisations could still fall to this attack.”
The way the ransomware works is by locking owners out of their own files, then asking for money in order to unlock them. It has been estimated that more than £6,000 pounds has already been paid to the cyber terrorists following this attack.
However, experts suggested affected people do not pay the ransom, since they wouldn’t be getting their files back anyway. This because hackers behind Petya ransomware would not be able to retrieve the corrupt files.
Posteo, the German email provider, has suspended the email address i.e. wowsmith123456@posteo.net, which was behind used by the criminals to communicate with victims after getting the ransom to send the decryption keys, but the ransomware is still spreading across the globe.
PT Security, a UK-based cyber security company, have allegedly discovered a Kill-Switch for Petya ransomware. According to a tweet, company has advised users to create a file i.e. "C:\Windows\perfc" to prevent ransomware infection.
#StopPetya We have found local “kill switch” for #Petya: create file "C:\Windows\perfc" pic.twitter.com/zlwB8Zimhv
— PT Security (@PTsecurity_UK) June 27, 2017
To safeguard against any ransomware infection, experts suggest you should always be suspicious of unwanted files and documents sent over an email and should never click on links inside them unless you know the source.
Also, you should keep a good back-up routine in place that makes their copies to an external storage device that isn't always connected to your PC.
Finally, make sure that you run a good and effective anti-virus security suite on your system, and keep it up-to-date.
- Article continues below...
- More stories you may like...
- Exhibition Review: AI: More Than Human @ Barbican
- Google changes its algorithm for 'lesbian'
- Research reveals the top 10 things holding back women at work