Hackers use dangerous Petya ransomware in targeted attacks
In a case of no honor among thieves, a group of attackers has found a way to hijack the Petya ransomware and use it in targeted attacks against companies without the program creators’ knowledge.
A computer Trojan dubbed PetrWrap, being used in attacks against enterprise networks, installs Petya on computers and then patches it on the fly to suit its needs, according to security researchers from antivirus vendor Kaspersky Lab.
The Trojan uses programmatic methods to trick Petya to use a different encryption key than the one its original creators have embedded inside its code. This ensures that only the PetrWrap attackers can restore the affected computers to their previous state.