‘Petya’ ransomware may be smokescreen for potentially larger attack

    View the original article: https://www.rt.com/viral/394420-petya-smokescreen-larger-attack/?utm_source=rss&utm_medium=rss&utm_campaign=RSS

    Creating a single file can vaccinate computers against the ‘Petya’ ransomware attack but a ‘kill-switch’ cure for the digital infection has so far eluded cyber security researchers, which may be a sign of worse to come.

    Similar to the WannaCry attacks, users worldwide have been locked out of their systems with screens displaying a demand for a $300 ransom payable in Bitcoin through a specific set of instructions.

    “If you see this text, then your files are no longer accessible, because they are encrypted,” the ransom note reads. “Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our decryption service.”

    While the infection has spread worldwide already, the open-source cybersecurity community sprang into action immediately and discovered the digital ‘vaccine.’

    Users must simply create a read-only file named ‘perfc’ and place it in the C:\Windows folder. This will stop the attack dead in its tracks. It does not, however, prevent infection of other machines; it merely protects the individual system on which the file is placed, much the same way an immunized human can still be a carrier of infection.
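
The step described above as a PowerShell function, added here as an example and not part of the original article. The function name `Set-PerfcMarker` is hypothetical; the file name and folder are the ones the article gives, and the session is assumed to be elevated so that it can write to C:\Windows.

```powershell
# Added example: place the read-only 'perfc' file in C:\Windows, idempotently.
# Set-PerfcMarker is a hypothetical name chosen for this illustration.
function Set-PerfcMarker {
    [CmdletBinding()]
    param(
        # Folder named in the article; a parameter so the function can be
        # tried against a scratch folder before touching C:\Windows.
        [string]$Directory = 'C:\Windows'
    )

    $path = Join-Path -Path $Directory -ChildPath 'perfc'

    # A directory with this name is not the file the article describes.
    if (Test-Path -LiteralPath $path -PathType Container) {
        throw "'$path' exists as a directory; a file is required."
    }

    # Create an empty file only if none exists; never overwrite an existing one.
    $created = $false
    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
        New-Item -Path $path -ItemType File -ErrorAction Stop | Out-Null
        $created = $true
    }

    # Set the read-only attribute, also when the file was already present
    # but still writable.
    Set-ItemProperty -LiteralPath $path -Name IsReadOnly -Value $true -ErrorAction Stop

    # Re-read the file from disk and report its actual state.
    $item = Get-Item -LiteralPath $path -Force
    [pscustomobject]@{
        Path     = $item.FullName
        Created  = $created
        ReadOnly = $item.IsReadOnly
    }
}

# Apply to the local machine and show the result.
Set-PerfcMarker | Format-List
```

As the article notes, this protects only the machine it is run on, so it has to be applied to each system separately.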

    “There is low risk of new infections more than one hour after the attack,” the MalwareTech blog stated.

    The current ransomware attack is far more limited in scope than its predecessors as it does not attempt to propagate beyond the target network, fuelling speculation that it may just be a cover for another, much larger attack.

    Such tactics were allegedly employed during the WannaCry incident, which acted as a cover to install the Adylkuzz cryptocurrency miner on thousands of systems worldwide.

    The smaller scale and relative ineffectiveness of the current attack is conspicuous given the recent wave of ransomware hacks worldwide from which the perpetrator could have drawn technical knowledge and inspiration.

    The email account to which victims send their ransoms was suspended by the German hosting provider Posteo by noon local time on June 27 and the Bitcoin wallet associated with the attack has not been accessed.

    Given the size but disparate nature of the targets – including the Ukrainian central bank, Russia’s state oil company Rosneft, British advertising firm WPP, and US law firm DLA Piper – it appears, initially at least, that the attack was intended to generate chaos and confusion rather than money. 
