Global malware attack ‘most likely’ carried out by a nation-state, NATO-sponsored researchers say

The search for the source of last week’s global malware attacks continues as experts are increasingly pointing toward Russian involvement in the incident. The NATO-affiliated Cooperative Cyber Defence Centre of Excellence (CCD COE) in Tallinn, Estonia, concluded last week that the attack was “most likely” carried out by a nation-state. The report followed a string of separate analyses that said the attacks appeared to have Russian sources. CCD COE researchers pointed to the sophistication of the malware. “In the case of NotPetya, significant improvements have been made to create a new breed of ultimate threat,” said one of the researchers, Bernhards Blumbergs. “Among all new features, the malware has been more professionally developed in contrast with sloppy WannaCry, and instead of scanning the whole Internet it is more targeted and searches for new hosts to infect deeper on local computer networks once initial breach has occurred.” The assertion by NATO-sponsored researchers that a nation-state probably spread the malware only intensifies questions […]

The post Global malware attack ‘most likely’ carried out by a nation-state, NATO-sponsored researchers say appeared first on Cyberscoop.

EternalPetya – yet another stolen piece in the package?

Since 27th June we’ve been investigating the outbreak of the new Petya-like malware armed with an infector similar to WannaCry. Since day one, various contradictory theories have been popping up. Some believed that it is a rip-off of the original Petya, others that it is another step in its evolution. However, so far, those were just different opinions, and none of them was backed up with enough evidence. In this post, we will try to fill this gap by making a step-by-step comparison of the current kernel and the one on which it is based (Goldeneye Petya).

The post EternalPetya – yet another stolen piece in the package? appeared first on Malwarebytes Labs.

NotPetya attacker can’t provide decryption keys, researchers warn

While defenders and security researchers are sifting artefacts that could help prevent new NotPetya ransomware attacks and perhaps point to the identity of the attacker, the victims are trying to recover their systems. Judging by the Bitcoin wallet to which ransom payments are to be made, some 45 organizations have attempted to go that route. As I’m writing this, the wallet holds nearly 4 Bitcoin (around $10,200). But it’s very doubtful that those that chose …

The next frontier of cyber governance: Achieving resilience in the wake of NotPetya

Earlier this week, several European nations experienced a widespread ransomware attack. Major international giants, such as Merck, WPP, Rosneft, and AP Moller-Maersk, alongside financial institutions, banks, energy companies and more, were affected, with users locked out of their computers. The focus of the attack was Europe, but it was also discovered that DLA Piper, a massive U.S.-headquartered law firm, was hit by this new strain of ransomware. First reports attributed the attack to the …