What We Know About The Petya-NotPetya-PetrWrap Ransomware Attack
The digital world has been hit by another ransomware epidemic, similar to the Wanna Cry attack, and it is using similar tools to crash your computer files. While the attack was first reported by a Ukraine company MeDoc, it has now spread to many US and European countries. The threat caused by this attack is considered to be similar to the Petya malware, which surfaced last year and crashes computers while rewriting the master boot record in the hard disk.
What Does It Do?
There are two variants of encryption under the attack – one that targets files on your computer and the other that encrypts NTFS structures. This prevents PCs from starting in a live operating system environment and doesn’t allow retrieval of any stored files. The attackers are demanding a ransom of $ 300 in Bitcoin digital currency but many companies are not able to access their files even after paying the ransom.
What Can You Do to Protect Your System?
You can apply patches to protect against the MS17-10 vulnerability and also turn off the SMBv1 in order to limit the damage of the attack. All systems with administrative rights must be protected with an anti-malware that’s up to date as administrative systems can spread the virus to computers with patches as well.
While the Wanna Cry attack was deployed into a small number of computers and then spread, Petya/NotPetya/PetrWrap is deployed into a large number of computers and spread through the local network.