New Petya Distribution Vectors Bubbling to Surface

Microsoft has made a definitive link between MEDoc and initial distribution of the Petya ransomware. Kaspersky Lab, meanwhile, has identified a Ukrainian government website used in a watering hole attack.

Global ransomware attack was meant to be destructive, not collect money

A global ransomware outbreak Tuesday was inherently designed to be destructive in nature, according to private sector cybersecurity researchers. An analysis of Petya conducted by Comae Technologies’ Matthieu Suiche reveals that computer code in the June 27 version of the malware is different than previous samples which were tied to incidents involving monetary gain. The primary difference between past Petya variants and Tuesday’s malware comes in the form of a small block of code that effectively commands the virus to “erase the Windows system’s Master Boot Record (MBR) on default,” said Suiche. “After comparing both implementations, we noticed that the current [implementation] that massively infected multiple entities in Ukraine was in fact a wiper, which just trashed the 25 first sector blocks of the disk,” Suiche wrote in a blog post. Petya effectively demolishes a key function of the victim computer’s boot process even before a victim has the chance to read any ransom […]

The post Global ransomware attack was meant to be destructive, not collect money appeared first on Cyberscoop.


Petya-esque ransomware is spreading across the world

Ringing in with echoes of WannaCry, Petya (or Petrwrap, NotPetya) is a new ransomware strain affecting many users around the world.

Ukrainian officials: Hacked auto-updates spread ransomware infection across country

As the whole world deals with another massive ransomware outbreak, it appears the variant may have spread in different ways among the various impacted countries. In Ukraine, the hardest-hit nation in Tuesday’s outbreak, the ransomware spread across government institutions, banks and even radiation monitoring at the Chernobyl nuclear facility. The initial attack vector has been attributed to an update of accounting software company MeDoc, which sent an infected file out to customers, according to Ukrainian officials as well as security researchers at Kaspersky and Cisco. MeDoc acknowledged Tuesday afternoon the company was targeted by “a massive hacker attack,” but denied that the software updates were the infection vector that allowed the malware to spread across the country. The company did not respond to a request for comment. Aleks Gostev, Kaspersky Lab’s Chief Security Expert, wrote sardonically on Twitter that MeDoc’s response was merely the first stage of grief: “Denial.” The cyber police have preliminarily established that the first virus attacks on […]

The post Ukrainian officials: Hacked auto-updates spread ransomware infection across country appeared first on Cyberscoop.


‘Petya’ Ransomware Outbreak Goes Global

A new strain of ransomware dubbed “Petya” is worming its way around the world with alarming speed. The malware appears to be spreading using a vulnerability in Microsoft Windows that the software giant patched in March 2017 — the same bug that was exploited by the recent and prolific WannaCry ransomware strain.

Petya ransomware outbreak: Here’s what you need to know

Petya ransomware impacting large organizations in multiple countries