At first Petya (or Petwrap, NotPetra) seemed like a very similar attack to WannaCry, which was unleashed in May, causing havoc and mayhem to many parties, especially for the UK’s NSH and Spain’s Telefonica.
With WannaCry, computers and networks were frozen, but connected to a Bitcoin account. Many victims, wisely, did not pay, and many reports claim the hackers behind WannaCry only made about $35,000 of traceable Bitcoins. Experts claimed it was “amateurish.”
So now it is almost the 4th of July, and Petya has been unleashed upon the globe. But this time the dark hats do not want money. Through a two step process, Petya is malware at its worst. It behaves similarly to WannaCry, freezing computers and throwing up pages demanding Bitcoins.
But wait–it gets worse. Reports say now, all the Bitcoin routing number are the same on all screens. The hackers do not want money. Instead they diligently delete everything on the computer and the backup. No hope for recovery. Total computer network destruction. Globally.
There is much speculation, but some fear it is the same cybercriminals getting better, maybe practicing for an even bigger blow out in the near future. A zero day incident that, if deployed correctly, could make this blogpost impossible. So back up, prepare, patch, educate employees and get a better, faster, stronger security plan in place.
It’s not IF we will we be attacked, it’s WHEN. And if they do not want money, they want something far more valuable or dangerous.
Visit www.aerislogic.com/ransomware for more information