Petya Ransomware is Here, And It’s Taking Cues from WannaCry
Just over a month after the infamous WannaCry attack, a new worldwide ransomware attack is here again. Its name is Petya, or Petwrap, ransomware, it’s hit companies everywhere across Europe today, including Ukraine’s government facilities, electric grids, banks, and public transportation, demanding a $300 ransom in Bitcoin in the process.
So how does this Petya attack work, exactly? Going after Windows servers, PCs, and laptops, this cyberattack appears to be an “updated variant” of the Petya malware virus. It uses the SMB (Server Message Block) vulnerability that WannaCry did, only the attack vector is different. This attack is being spread through spear phishing emails— so once innocent users click on a suspicious link, their data becomes encrypted, and their screens display a ransom message. These messages suggest a system reboot, after which the system will not be accessible. This basically means the operating system won’t able to locate files.
Now, the next question is – what can people do to stay secure? Though this attack is largely targeting companies, it’s important everyone stays vigilant and takes precautionary measures. Therefore, to stay protected from Petya ransomware, follow these tips:
-Always make sure your anti-virus is up-to-date to maximize the protection available to you.
-Don’t click. This attack is spreading through phishing emails, so whatever you do, check an email’s content for legitimacy. Hover over a link and see if it’s going to a reliable URL. Or, if you’re unsure about an email’s content or the source it came from, do a quick google search and look for other instances of this campaign, and what those instances could tell you about the email’s legitimacy.
-Do a complete back up. Back up all of your machines immediately. If a machine becomes infected with Petya ransomware, data could become wiped entirely. Therefore, make sure you cover all your bases and have your data stored on an external hard drive or elsewhere.
We will update this post with breaking news.
The post Petya Ransomware is Here, And It’s Taking Cues from WannaCry appeared first on McAfee Blogs.