Petya Ransomware Outbreak

[Vibe-Feeler]

Hey everyone, make sure your computers have the latest security patches installed, there's another ransomware outbreak spreading as we speak:

https://motherboard.vice.com/en_us/article/qv4gx5/a-ransomware-outbreak-is-infecting-coputers-across-the-world-right-now

 

[Vibe-Feeler]

Update:

It doesn't matter if your systems are up to date, this ransomware can still infect. Question any emails you get with WordPad Microsoft Office documents as attachments and if you open an Office document and it asks you anything regarding enabling macros, DO NOT ENABLE THEM!!!

 

[Debi]

Update:

It doesn't matter if your systems are up to date, this ransomware can still infect. Question any emails you get with WordPad Microsoft Office documents as attachments and if you open an Office document and it asks you anything regarding enabling macros, DO NOT ENABLE THEM!!!

Thanks, Vibe!

This whole hacker and virus thing is just out of control. Is there anything within the IT world to stop this from being a constant threat out there?

 

[Vibe-Feeler]

Is there anything within the IT world to stop this from being a constant threat out there?

Never. The cyber war between hackers and authorities will never end. All that happens is one side gains the upper-hand over the other side for a while and right now the hackers have a huge upper-hand. As the authorities and preventative measures get smarter, so does the malware and the hackers, and things are bound to get much worse in the next few months. All you can do is make yourself aware of the threats and tactics/tricks and how to prevent falling victim. Anti-virus, firewalls, malware detection systems and all that can only do so much, at some point the malware will bypass these things until they improve themselves to match the malware's standards. But that's where I come in on here to help lol.

 

[Lynne]

Thanks Vibe. We need someone to stay up on this. It's helpful to those of us who aren't as knowledgeable in these Tech issues.

 

[Vibe-Feeler]

Oh btw, turns out it's not a ransomware. It may appear as that but the ransomware appearance is just a disguise, it's actually a wiper designed to render your PC inoperable permanently. When installed, Petya removes the master boot record (MBR) from your computer. The MBR is what contains your operating system (like Windows) and when you switch your computer on, it goes to the MBR to retrieve the necessary operating system files and load them into memory so you can reach the part of the operating system that you actually use. So Petya removes that and replaces it with the ransom note, therefore no access.

But it turns out it may have been a state-funded attack by Russia to attack Ukrainian organisations. So it's not financially motivated but political and was not intended to spread the way it did. However given that organisations are interconnected globally, overseas companies linked to these Ukrainian companies also got hit because Petya used international VPNs as a bridge to jump from one local area network (LAN) to another. Research shows that the recovery method of the malware is inoperable which means there was never an intent to fix the damage once a ransom was paid. So if your computer gets hit, that's it, game over.

 

[Lynne]

Good update. Thanks!