Petyawrap

SECURITY: Current Global Ransomware Attacks
Another global ransomware attack is making the rounds, starting last night in the Ukraine and spreading internationally. This ransomware appears to be a new Petya variant called Petyawrap, and will encrypt a local hard drive using a fake Check Disk application (see screen shot).

To avoid infection; “Think before you click.”
* do not open email attachments that you did not request
* do not download files from links in emails from unknown senders
* be particularly aware of ‘phishing’ sites requesting your login details

Apply security updates in MS17-010
https://technet.microsoft.com/…/libr…/security/ms17-010.aspx

If you are infected (your computer displays the screen shown in the screen shot), switch off the computer, remove the power and contact your IT Help Desk for assistance.
The email provider has closed the Petya inbox preventing file recovery if the disk has been encrypted.[4]

[1] https://isc.sans.edu/forums/diary/Checking+out+the+new+Petya+variant/22562/
[2] https://researchcenter.paloaltonetworks.com/2017/06/unit42-threat-brief-petya-ransomware/
[3] https://arstechnica.co.uk/security/2017/06/petyawrap-wcry-ransomware/
[4] https://www.bleepingcomputer.com/news/security/email-provider-shuts-down-petya-inbox-preventing-victims-from-recovering-files/

Advertisements
This entry was posted in 2017, patch, security. Bookmark the permalink.

3 Responses to Petyawrap

  1. Protecting against modified Petya ransomware variant (June 2017)
    https://kc.mcafee.com/corporate/index?page=content&id=KB89540

    Includes – EXTRADAT

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s