Security News Ukraine cyber attack: Chaos as national bank, state power provider and airport hit by hackers

enaph

Level 28
Thread author
Verified
Honorary Member
Top Poster
Well-known
Jun 14, 2011
1,787
Ukraine’s national bank, state power company and largest airport are among the targets of a huge cyber attack on government infrastructure.

Rozenko Pavlo, the deputy Prime Minister, said he and other members of the Ukrainian government were unable to access their computers.

Analysts said the virus, named Petrwrap or Petya, appeared to work similarly to the WannaCry ransomware that infected more than 230,000 computers in 150 countries last month.
Ukrainian state-run aircraft manufacturerAntonov was among the companies hit, along with power distributor Ukrenergo, which said the attack did not affect power supplies.

Read more: An unprecedented cyber attack just took out major banks, government and airport computers in Ukraine
 

enaph

Level 28
Thread author
Verified
Honorary Member
Top Poster
Well-known
Jun 14, 2011
1,787
This ransomware is using fake Microsoft digital signature:
upload_2017-6-27_17-42-19.png
 

enaph

Level 28
Thread author
Verified
Honorary Member
Top Poster
Well-known
Jun 14, 2011
1,787
I always knew Digital Signatures are not that reliable now a days, but I have been told that its not true. But now we know the truth.
Actually there is no such thing as "reliable" in terms of IT security.
Each solution has it's flaws and only common sense can save us sometimes because no one should run non-MS app signed with their cert right?
 

Razza

Level 4
Verified
Well-known
Aug 12, 2014
163
It's a good thing it's just using a untrusted digital signature with the issuer set to Microsoft, Saying that i think it will come a time when a malware coder managed to steal a code signing certificate from a legitimate software developer and sign there malware with that.
 
Last edited:

enaph

Level 28
Thread author
Verified
Honorary Member
Top Poster
Well-known
Jun 14, 2011
1,787

ElectricSheep

Level 14
Verified
Top Poster
Well-known
Aug 31, 2014
655

Windows_Security

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
I always knew Digital Signatures are not that reliable now a days, but I have been told that its not true. But now we know the truth.
UAC set to deny unsigned should block this type of forged signatures as far as I know, but for the better of all us correct me when I am wrong.
 
5

509322

Did businesses not learn from the WannaCry fiasco a month or so ago??? That made Global news and it should have been a massive wake up call!

Do you realize how many billions of people pay no attention to the news - if WannaCry was reported at all where they live ?

Even if they did hear about it, it is very likely that they had absolutely no idea what the report meant.

IT security proper is not a part of the vast majority of typical people's lives.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top