Security News Ukraine cyber attack: Chaos as national bank, state power provider and airport hit by hackers

[enaph]

Ukraine’s national bank, state power company and largest airport are among the targets of a huge cyber attack on government infrastructure.

Rozenko Pavlo, the deputy Prime Minister, said he and other members of the Ukrainian government were unable to access their computers.

Analysts said the virus, named Petrwrap or Petya, appeared to work similarly to the WannaCry ransomware that infected more than 230,000 computers in 150 countries last month.
Ukrainian state-run aircraft manufacturerAntonov was among the companies hit, along with power distributor Ukrenergo, which said the attack did not affect power supplies.

Read more: An unprecedented cyber attack just took out major banks, government and airport computers in Ukraine

 

[In2an3_PpG]

Its a shame they left themselves this vulnerable after WannaCry. I mean its been more than a month since WannaCry. Had plenty of time in my opinion to prepare.

Thanks for sharing.

 

[enaph]

Looks like it's spreading globally: Massive ransomware attack is causing chaos in airports, banks and more worldwide

 

[enaph]

This ransomware is using fake Microsoft digital signature:

 

[Aleeyen]

I always knew Digital Signatures are not that reliable now a days, but I have been told that its not true. But now we know the truth.

 

[enaph]

I always knew Digital Signatures are not that reliable now a days, but I have been told that its not true. But now we know the truth.

Actually there is no such thing as "reliable" in terms of IT security.
Each solution has it's flaws and only common sense can save us sometimes because no one should run non-MS app signed with their cert right?

 

[Razza]

It's a good thing it's just using a untrusted digital signature with the issuer set to Microsoft, Saying that i think it will come a time when a malware coder managed to steal a code signing certificate from a legitimate software developer and sign there malware with that.

 

[total]

Current situation of Petrwrap/wowsmith123456 ransomware - percentage of infections by country.
Current situation of Petrwrap/wowsmith123456 ransomware - percentage of infections by country. - Interactive live map of conflict news - Ukraine Latest News - liveuamap.com

 

[enaph]

wonder how much they'll make from this one

 

[total]

seems it is not petya ransomware ?
Kaspersky Lab malware analyst Vyacheslav Zakorzhevsky said infections were traced to a “new ransomware we haven’t seen before.”
Second Global Ransomware Outbreak Under Way

4 — Postimage.org

[/url][/IMG]

 

[enaph]

It's not Petya itself but the infection methodology is the same - Kora (???) encrypts MFT tables and overwrites the MBR, drops a ransom note and leaves victims unable to boot their computer.

Spoiler: Virustotal

Antivirus scan for 027cc450ef5f8c5f653329641ec1fed91f694e0d229928963b30f6b0d7d3a745 at 2017-06-27 19:21:28 UTC - VirusTotal

 

[enaph]

Emsisoft calls it Petna: Petya ransomware variant attacks computers worldwide

 

[ElectricSheep]

It even hit the radiation monitoring systems at Chernobyl, taking them out briefly

 

[frogboy]

Here also. Fears for Australia as ransomware virus hits computer servers across globe

 

[ElectricSheep]

Here also. Fears for Australia as ransomware virus hits computer servers across globe

Did businesses not learn from the WannaCry fiasco a month or so ago??? That made Global news and it should have been a massive wake up call!
NO excuses this time as they've had PLENTY of time to patch their networks, etc.
We need a Facepalm emoji for this one

 

[Windows_Security]

I always knew Digital Signatures are not that reliable now a days, but I have been told that its not true. But now we know the truth.

UAC set to deny unsigned should block this type of forged signatures as far as I know, but for the better of all us correct me when I am wrong.

 

[enaph]

There is a method to stop this ransomware:

 

[509322]

Did businesses not learn from the WannaCry fiasco a month or so ago??? That made Global news and it should have been a massive wake up call!

Do you realize how many billions of people pay no attention to the news - if WannaCry was reported at all where they live ?

Even if they did hear about it, it is very likely that they had absolutely no idea what the report meant.

IT security proper is not a part of the vast majority of typical people's lives.