A new ransomware is in town. Several sources are reporting that the ransomware termed Petya has been infecting firms around Ukraine and might be on its way to other countries like Spain and India. Already reports have begun coming in from several locations in Russia and France about the attack.
While the exact nature and details of the Ransomware remain unknown, it seems to be similar in scope and scale to the Wannacry attack that struck much of the computing world two months back. That attack saw the ransomware forcefully encrypt users’ files and demand a payment to be made entirely in bitcoins for the decryption keys to be released. While it was initially thwarted almost accidentally by activating a kill-switch, it’s code was updated to avoid the kill-switch altogether although the attacks eventually died down in frequency.
The Petya ransomware on the other hand was released last year and seemed to work similar to how Wannacry does. It would quietly encrypt files in the background and then, once done, would declare its presence in a dramatical fashion on the screen demanding a ransom to purchase your key. It appears to be a variant of a piece of ransomware that emerged last year, says Alan Woodard, a computer scientist at Surrey University.
Ransomware attacks have become a highly popular way for hackers to earn money from viruses. Many gullible users fall prey and actually end up paying for the decryption keys. If you’re one of those infected, it’s best to do a system format and reinstall Windows itself as payment really does not yield anything in these circumstances.
We’ll be updating this story with more info as it develops.