Not long after the horror of the Wannacrypt ransomware episode, another similar attack has caused panic throughout the globe. Major companies and government organizations have reported being affected by a new Wannacrypt ransomware episode, another similar attack has caused panic throughout the globe. Major companies and government organizations have reported being affected by a new Ransomware attack.
Petrwrap or NotPetya Ransomware
Among the first major companies to report the incident was British advertising company, WPP, which claims that the attack has disrupted its IT systems. But later when Ukrainian firms like the state power agency and the main airport at Kiev reported the same issue, the extent of the attack could be judged as serious.
Unfortunately, the extent of the attack is such that it made the authorities handling the Chernobyl nuclear power plant manually since their Windows-based sensors shut down after the attack.
Esteemed computer scientist Prof Alan Woodward said that this seems to be a form a ransomware Petya that emerged last year. The newer version is being called Petrwrap owing to its resemblance to Petya ransomware. But Kaspersky says it is not and refers to it as NotPetya.
IT security firm Kaspersky said that the attack by the ransomware had been reported from Germany, France Poland, Italy, and the US in addition to Russia, Ukraine, and the UK. In India, the JNPT Port has been reportedly affected.
If anyone is wondering how these blackmailers can protect their identity and dodge the law, they are asking for the payments in the form of Bitcoins. Bitcoin wallets are associated with an email ID, but that doesn’t guarantee all information of the attackers.
Rather, a Bitcoin wallet holding 1.5 bitcoins – approximately $3,500 is under scrutiny since it received many payments from the ransomware’s victims. The email ID associated with that account was blocked by its provider, a German email provider Posteo.
Microsoft MVP Damien Van Robaeys from France tweeted,
Be careful. There is an attack from a new ransomware… All our computers are impacted…
Chris Wysopal, a security expert, said that the attackers exploited the same loopholes that were used by the Wannacry ransomware. Wannacry was tackled quickly, and that made everyone so complacent that the security loopholes weren’t taken care of.
Such attacks are expected to continue because the attackers find it to be a comfortable business. A South Korean company reportedly paid the attackers $1 million to get their data back! With such huge incentives, cyber-criminals wouldn’t want to back out any soon.
UPDATE: A Vaccination for the NotPetya Ransomware has been found that can kill the ransomware in its tracks.
- Tags: Ransomware