Time to defend yourself: a new ransomware attack is raging online (updated) • HWzone

Time to defend yourself: a new ransomware attack is raging online (updated)

Update: An Israeli researcher has found what could be a "vaccine" against infection by the Petya malware (which has already been nicknamed NotPetya and SortaPetya, because some claim that it is not the malware of the same name that was distributed on a smaller scale in the past): creating a simple file that should prevent the encryption mechanism in question from running.


The method, which has been confirmed by several other sources on the web, requires creating a file named perfc in the main Windows folder of your operating system, with no extension and marked read-only - and that's it. This solution will not help those who have already been infected and, of course, encrypted, but it may help to contain a fair amount of future damage from the malware. So until we see a more solid and comprehensive solution, it is definitely something you should do.
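The step described above as an idempotent PowerShell function. This is an added example, not code from the article or from the researcher; the function name `Set-PerfcMarker` is hypothetical, and the Windows directory (`$env:windir`) is assumed as the location of the file.

```powershell
# Added example: create the read-only "perfc" marker file and report its state.
# Assumption: the marker belongs in the Windows directory ($env:windir).
function Set-PerfcMarker {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Assumed location; override if your guidance names a different folder.
        [string]$Directory = $env:windir
    )

    $path = Join-Path -Path $Directory -ChildPath 'perfc'   # no extension

    # A directory with the same name would block file creation; fail loudly.
    if (Test-Path -LiteralPath $path -PathType Container) {
        throw "'$path' exists but is a directory, not a file."
    }

    # Create the empty file only if it is not already there.
    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
        if ($PSCmdlet.ShouldProcess($path, 'Create empty marker file')) {
            New-Item -Path $path -ItemType File | Out-Null
        }
    }

    # Set the read-only attribute if it is missing.
    $item = Get-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue
    if ($item -and -not $item.IsReadOnly) {
        if ($PSCmdlet.ShouldProcess($path, 'Set read-only attribute')) {
            $item.IsReadOnly = $true
        }
    }

    # Re-read the file and return its final state for logging or auditing.
    $item = Get-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Path     = $path
        Exists   = [bool]$item
        ReadOnly = [bool]($item -and $item.IsReadOnly)
    }
}

Set-PerfcMarker
```

Run it from an elevated session, since writing to the Windows directory requires administrator rights; `Set-PerfcMarker -WhatIf` shows what would change without writing anything.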

Image source: bleepingcomputer.com

Original article: While some companies and organizations are still busy recovering from the turmoil created by the WannaCry malware attack, a significant new threat appears to be spreading rapidly

There are six whole months still ahead of us, but at this point it would not be too much to declare that 2017 might be remembered as the year in which the greatest dangers involved became clear and tangible for the general public, with merciless attacks that strike anyone who dared not to update their operating system at the right time.

A month after the malware nicknamed WannaCry hit hundreds of thousands of computers around the world, temporarily disabling hospitals, factories, government organizations and even speed cameras and ATMs, hundreds of new reports indicate that another "epidemic" is under way right now, affecting computers and networks in Eastern and Western Europe, but not only there. Meet Petya, with a nearly identical method of file encryption (this time comprehensive rather than file by file, with encryption of the Master Boot Record in Windows), and a demand for payment of the equivalent of $300 in Bitcoin to get the key to the process.

Cybercriminals strike again, and powerfully

The main victims of the attack are currently companies in Ukraine and Russia, including the Rosneft oil company, the Evraz metals production company and the Kiev metro and international airport, which may come as a surprise, given that the name of the malware also originates somewhere in Eastern Europe - but most likely the main purpose of the attack this time is financial, and therefore all means are fair game, without exception.

A dedicated "user-friendly" website that explains to the extortion victims how to make a payment in order to get their files back indicates that this attack was most likely carried out for easy profit, first and foremost

Quick analyses carried out by a number of sites across the web indicate that the Petya malware is based on the same serious exploit that WannaCry was also based on - named EternalBlue, whose existence was revealed by a hacker group that goes by the name Shadow Brokers, which released materials it managed to steal from the US NSA earlier this year. As a result, most of the computers affected in this round appear to be the ones that were not updated with the urgent security patch (MS17-010) that Microsoft distributed in March for most of its operating systems from the current millennium - and whose owners may now regret it and pay with interest.

ATM encrypted by Petya in Ukraine - one of many, reportedly

Computers that have been updated with the patch in question may also be exposed to the Petya ransomware, through installing files from untrustworthy sources that hide inside them the malicious files that encrypt your most important personal information. It is therefore highly recommended to back up all your relevant files now, just in case, to avoid running installers whose reliability you are not sure of, and also to disable the WMIC (Windows Management Instrumentation Command-line) interface on your system.

We hope that the current attack will end soon, and will force everyone to take these new Internet threats more seriously


9 Comments

      1. There is no completely immune system; loopholes are also found on Linux from time to time. But specifically, the malware mentioned in the article cannot damage a Linux system. Linux users also need to install security updates. These usually come from the distribution.

  1. Have I already mentioned the rumors of a plot to assassinate and delegitimize Windows?

  2. How do I disable the WMIC service? And what are the implications of its cancellation, does this neutralize the firewall?
