Peyta Ransomware Outbreak
A ransomware outbreak has reportedly hit targets in Spain, France, Ukraine, Russia, and other countries.
Judging by photos posted to Twitter and images provided by sources, many of the alleged attacks involved a piece of ransomware that displays red text on a black background and demands $300 worth of bitcoin.
We believe the ransomware strain is known as Petya or Petrwrap. This is a highly advanced ransomware strain that also encrypts the Master File Table.
As yet we are unaware of attacks in the UK, however, we advise customers to be extremely vigilant and exercise caution when opening emails and accessing any unfamiliar websites.
We are monitoring the situation and will keep our customers updated through our social media channels and the news section of our website.
17:35 – We understand that the delivery method is via a PDF or Zip File attachment on an email.
If you do receive any suspicious emails from known or unknown addresses exercise extreme caution. If in any doubt DO NOT OPEN and call us for further advice.
28/06/17 – 09.39
As the virus appears to have utilised the previously identified security issues within older and unpatched versions of Windows then the risk is minimal for the majority of Your IT customers.
Whilst no ‘kill switch’ has been found a ‘vaccine’ in the form of a single file that can be added to a machine to stop an infection has been found. This ‘fix’ has limited effectiveness as it only protects an individual computer. Whilst the fix seems simple we would not advise individuals to attempt this. It is only required in cases of infection and should be administered by an expert.
The spread of this new ransomware is likely to be much slower than last month’s WannaCry attack, researchers predict, as code analysis showed the new attack did not attempt to spread itself beyond the network it was placed on.
Because of this, several experts are predicting that the attack will not spread significantly further than it did on Tuesday, unless it is modified.
Our advice remains the same:
Do not open attachments on emails received from unknown/unverified sources
If you see anything suspicious give us a call.