- Jun 9, 2013
- 6,720
A new ransomware virus attack hit on Tuesday 27th June with its epicentre in Ukraine and quickly spread around the world. This was the largest worldwide attack since the ‘WannaCry’ virus last month.
A Bitcoin payment, equivalent to $300, was demanded to recover encrypted data and it’s believed that this ransom was extorted from only a few of those infected until the payment system was stopped. This has left millions of data files lost forever. The total loss of money and data may never be known but this type of attack is becoming increasingly popular. Clearly ransomware is proving very lucrative for the criminals behind it and the potential economic damage caused by data loss makes state sponsored ransomware attacks inevitable.
This latest attack is part of the ‘Petya’ family of encrypting ransomware. Petya ransomware updates the Windows Master Boot Record (MBR) boot code with its payload and, while encrypting the NTFS file system at Windows boot time, presents a ransom message on the PC that’s now failing to start.
While the ransomware was encrypting data, Tuesday’s attack showed a fake but credible Windows check disk screen before displaying the ransom demand.
Full Article.
Better safe than sorry – Macrium Software
A Bitcoin payment, equivalent to $300, was demanded to recover encrypted data and it’s believed that this ransom was extorted from only a few of those infected until the payment system was stopped. This has left millions of data files lost forever. The total loss of money and data may never be known but this type of attack is becoming increasingly popular. Clearly ransomware is proving very lucrative for the criminals behind it and the potential economic damage caused by data loss makes state sponsored ransomware attacks inevitable.
This latest attack is part of the ‘Petya’ family of encrypting ransomware. Petya ransomware updates the Windows Master Boot Record (MBR) boot code with its payload and, while encrypting the NTFS file system at Windows boot time, presents a ransom message on the PC that’s now failing to start.
While the ransomware was encrypting data, Tuesday’s attack showed a fake but credible Windows check disk screen before displaying the ransom demand.
Full Article.
Better safe than sorry – Macrium Software
