Warning! JavaScript is turned off or disabled! Some features on this website will not work.
« »
»

Beware of Petya! A New Ransomware that is Wreaking Havoc around the World

2017-06-27T13:45:08 -  +
Beware of Petya! A New Ransomware that is Wreaking Havoc around the World

There is a new and more dangerous ransomware or malicious computer program called Petya that is infecting computers, ATMs and other devices around the world running Microsoft Windows. Petya is being spread via fake email messages with a malicious Microsoft Office (Word, Excel) document or a Zip file attached. Once the malicious attachment is opened, the Petya ransomware will start spreading to other computers running Microsoft Windows on the same network.

Please continue reading below.

Once a computer is infected, the ransomware will encrypt the files on it or make them unreadable, reboots it, and encrypts the MFT (Master File Tree) tables for NTFS partitions, which prevents victims from booting or accessing their computers. It also overwrites the MBR (Master Boot Record) with a custom bootloader that shows the ransom note below.

The Petya Ransom Note or Message

The Petya ransomware uses the following email address wowsmith123456@posteo.net for contact purposes and asks for a payment of $300 in Bitcoin for the victims to receive the key necessary to decrypt or make their files readable again. Because of this, Petya is more dangerous and intrusive compared to other versions or strains because it reboots systems and prevents them from working.

How to Protect Yourself Against the Petya Ransomware

Cyber criminals or hackers flood mailboxes with spam thus sending out fake email messages with malicious documents that deliver ransomware. This attack relies on users opening attached malicious document that will appear legitimate. Therefore, it is important that recipients of unexpected email messages never open the attachments in them, or have their I.T department or a tech-savvy family member or friend check the attachments before they attempt to open them.

Also, it is important that computer users and network administrators backup their important files in case they need to restore them if their computers get infected.

Petya spread via Server Message Block (SMB), a network protocol mainly used for providing shared access to files, printers, and serial ports and miscellaneous communications on a network.

Please share what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com

Also, report scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent.

If you want to quickly find answers to your questions, use our search engine.

Remember to help us, help you, by donating. 🎁Click here to donate

Please continue reading below.

Comments, Questions and Reviews ✍
(Total: 2)

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.

The comments or reviews below do not necessarily reflect the views of Online Threat Alerts.

  • Posted: Jun 27, 2017 at 3:20 PM by an anonymous user from or near: Lady Lake, Florida, United States

    Question: what anti-ransomware programs are known to protect against Petya? I'm presently using Cyberreason Ransomfree.

    delete


    • Posted: Jun 27, 2017 at 5:25 PM by info

      All antivirus and antimalware will eventually update their software, so there is no need to install a new one. Just wait for the update.

      delete


Show More of the 2 Comments

Write Your Comment, Question or Review

Write your comment, question or review in the box below to share what you know or to get answers. Please revisit after an hour or more to view reponses or answers to you questions.

Your comment, question or review will be posted as an anonymous user because you are not signed in. Sign-in.