Petya ransomware started spreading on June 27, 2017, infecting many organizations and causing havoc around the globe.
What is it?
- A“wiper” virus disguised in a ransomware. The goal of a wiper virus is solely destruction, eliminating any possibility for restoration.
- Paying the ransom does nothing. Petya creators never had the intention of sending a decryption key.
- Speculated to have been created to infiltrate the Ukrainian infrastructure. In response, the Ukrainian police raided the office where a rogue software editor was suspected of having created the virus.
- Overwrites the boot sector of the hard disk. Upon rebooting, the master index of the C: drive will be destroyed.
How was Petya created?
- It’s back from the past. It was first detected in 2016
- It was inspired by WannaCry. Initial reports suggested that it uses the same Eternalblue exploit, targeting a flaw in Windows legacy systems. This means it can easily spread to your computer via phishing emails.
- It wants your money. The ransom is $300, paid in Bitcoin, the same ransom as WannaCry. The group responsible for the virus asked for a “public” donation of $250,000 to release the decryption key. This is very original.
How to protect yourself:
- Run a routine FixMeStick scan. Petya can be detected by the 3 antivirus engines powering the FixMeStick.
- Run antivirus software while working on your device.
- Update your operating system, anti-virus software, and FixMeStick. Updates provide patches and newly improved protection. If you missed a Windows update, click here.
- Backup your files. SOS Online Backup can help!
- Don’t send unknown people money. Even if you pay the fee, there is no guarantee you will get your files back. This also opens more traceable information to your bank account.
- Don’t open email attachments from unknown senders or strange emails. Avoid getting caught in a phishing scam!