Blog

Alert: Petya Ransomware May Be the Worst Yet

b2ap3_thumbnail_more_ransomware_400.jpgRansomware is such a popular method of attack used by hackers that new variants of it pop up every few months. Among these is Petya, a nasty new ransomware that masquerades as an unsolicited resume in an organization’s email inbox. Don’t be fooled, though; the only work these hackers are looking for is to work you out of a couple hundred dollars.

Once the file has been downloaded, Petya causes a Windows error and forces the system to endure the typical “blue screen of death,” causing a reboot. The computer will then display a red skull and crossbones, and a fraudulent “system check” infects and encrypts the master file table (MFT) with military-grade encryption protocol. This causes the computer to basically forget which files it has, and where they are stored.

Rather than closing access to particular files, Petya completely locks the user out of the system by overwriting the computer’s master boot record. The computer is essentially rendered useless by the user, who can’t even log in. Petya will display a list of demands, as well as how to meet them. As is the case with most ransomware, the ransom must be paid in Bitcoin. Once this has been done, the criminal supplies a decryption key that’s used to regain access to the files.

The initial cost for the decryption key is .99 Bitcoins, which is an estimated $430. However, paying for the decryption key isn’t that simple. Once the user accesses the payment page, they’re given a limited amount of time to access the key before the price is doubled. While there are some websites that claim there are commands that can allow users to skip the lock screen, the MFT will still be encrypted, rendering the files useless. Even if the user pays the ransom, there’s still no guarantee that the decryption key provided by the hackers will work. This is why we always suggest that you don’t pay the ransom, and instead contact a professional technician who can consult you on the situation.

In particular, business owners and human resources representatives who are responsible for the hiring procedure are the preferred targets. Petya is distributed through emails that are disguised as potential job seekers. The message will often contain a hyperlink that redirects to a Dropbox containing a resume, which is really just a Trojan horse containing Petya that’s capable of weaseling its way past your antivirus solution. Petya had been causing significant trouble for German businesses, but a programmer has found a solution. Admittedly, it’s a tricky solution to implement, but it’s still preferable to paying a ransom.

As is the case with most ransomware, your best chance of escaping unscathed is by dodging the attacks altogether. Ransomware is notoriously difficult to crack, even for seasoned IT veterans, but keeping a watchful eye on anything you find on the Internet can help you avoid infections. With White Mountain IT Services’s security solutions, you can proactively detect and eliminate threats to your IT infrastructure. To learn more, give us a call at 603-889-0800.

Related Articles

  • Could Your Router be Infected with Malware? Certain threats out there are dangerous enough to cause major entities to warn against them. In particular, a recent malware by the name of VPNFilter has been deemed dangerous and prevalent enough that the FBI has addressed it. Since the malware targets routers (probably not your first guess in term...
  • Alert: New Malware Infects Millions of Mobile Devices While security experts tend to focus the brunt of their discussions on desktop OS vulnerabilities, there are plenty of mobile malware threats that fly under the radar. One such malware is called Hummer; a trojan that installs unwanted apps and malware on a device, and can be found on over a million ...
  • Advanced Malware is Targeted, Stealthy, Evasive, and Adaptiv... The online world is a scary place. Viruses, malware, spyware, adware, and more are all out there trying to get at your network. These threats are almost always prevalent, but compared to each other, some are vastly superior and far more dangerous and advanced than the others. Advanced malware has th...
  • Honor Among Hackers? Not for Those Who Hack Hospitals It’s safe to say that hacking is a frowned-upon practice, but that hasn’t stopped cyber criminals from attempting to turn a profit off of it. This practice has led them to target nonconventional organizations, including hospitals and other healthcare facilities. However, just because a hacker can ta...
  • Alert: Email Appearing to Be From Microsoft about Windows 10... For many Windows users, the fact that Microsoft is issuing Windows 10 incrementally came as a shock for those who patiently waited for its release date. While users wait, however, hackers are taking advantage of those who are less patient by creating a ransomware that disguises itself as a launcher ...
  • 3 Common Threats You Need to Know About: Malware, Rootkits, ... Security is one of the most important parts of running a business, especially today when organizations rely so heavily on their technology solutions. Some of the most dangerous threats lurk on a business’s network, watching and waiting for an opportunity to do some real damage. With the right preven...
With the surge in the number of small and medium businesses that have fallen prey to malware and cyber criminals, there is a lot of focus of what an organization can do to prevent being a victim and how the company should handle themselves after an attack. There is another key factor to preventing cyber criminals from penetrating into your network:...

- Onsite Service Coverage Area -

Onsite Computer Support Services are available to businesses within 100 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH and then down into Boston. From Northern and Central Mass we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.

 

603-889-0800

White Mountain IT Services
33 Main Street Suite 302
Nashua, New Hampshire 03064

 

 padlock1  Cyber Security Toolkit

cloud desktop2 Cloud Desktop Login

Open Positions