The Newest ‘Petya’ Ransomware Upsurge Hits 65 Countries

A new ransomware, commonly referred to as “Petya”, is rapidly worming itself and causing more trouble—from Redmond to other places around the globe.

After less than two months of dealing with the devastating WannaCry catastrophe, Microsoft has stated that Petya is even more nasty mainly because of its worm-like abilities to maneuver laterally within affected networks.

Based on Microsoft’s reports, the initial Petya malware erupted from a Ukrainian firm that builds an accounting application referred to as MEDoc. Microsoft reported that it first noticed Petya infections from users who were updating the MEDoc application.

Now, the new strain is highly complicated and capable of causing extensive damage within a short period of time. According to several media sources, Ukraine seems to be the strongest hit by the ransomware, which requires $300 to be paid in Bitcoin for decrypting files—similar to WannaCry.

Petya has consequently become a worldwide threat, by swiftly causing havoc in more than 65 countries. Several governments, financial firms, and different companies have reported crippling of sensitive services due to Petya attacks.

Petya is causing damages using some OS weaknesses Microsoft patched in March 2017—the same Windows loophole WannaCry utilized to cause damage. By taking advantage of these weaknesses in an unpatched system, Petya is capable of proliferating itself across networked systems, while amassing passwords and other sensitive details along the way.

To safeguard yourself from this damaging malware, it’s recommended that you keep your systems operating on Windows OS updated with the most recent released patches. You can also stop exchange of data through ports 139 and 445 and deactivate remote WMI and transferring of files.

View full article here.

Comments are closed.