Petya Ransomware Attack

Petya Ransomware Attack

Beware of the Petya Ransomware

Petya ransomware first discovered in March 2016, the Petya ransomware has made a resurgence. Originally, it infected the master boot record and installed a payload that encrypts NTFS file tables. The operating system will not boot until the users pay the ransom, and the hacker will encrypt the ransomware file.

 What has changed about the Petya ransomware in 2017?

The WannaCry ransomware, which is a modified version of Penta, recently attacked the global cyber, on June 27th. The malware spreads through the same vulnerability in Windows, and the WannaCry ransomware destroyed the operating system. Unlike the original Petya ransomware, this version does not unlock the system, even after the users pay the ransom.

Ukraine had the hardest attack by Petya among the countries. Kaspersky Lab also found infections in France, Germany, Italy, Poland, the United Kingdom, and the United States. Petya attacked more than 80 companies, including the National Bank of Ukraine.

What should you do if Petya attacks your computer?

The exploit attacks vulnerable Windows Server Message Block services. However, Microsoft has already patched this vulnerability. If you haven’t kept your system updated, it has a higher chance that Petya will attack your system. Below is a link direct you to the Windows update. Please click the following link and protect yourself.

Microsoft Security Bulletin MS17-010 – Critical

If you are infected, DO NOT PAY! As always, never click any suspicious links or open any attachments that you don’t trust. Keep your anti-viruses up to date and if you run into any problems, Vanguard Solutions is always here to help! Give us a call at (310)-817-2700, or email us at info@vanguardsolutions.

Remember, do not panic, send us your infected computer, we will take good care of it.

Leave a Reply

Your email address will not be published. Required fields are marked *

Error: (#12) source field is deprecated for versions v3.3 and higher
Type: OAuthException
Code: 12