Update: An Israeli security researcher has found what could be a "vaccine" against infection by the Petya malware (which has already been nicknamed NotPetya and SortaPetya, because some claim that it is not the malware of the same name that was distributed on a smaller scale in the past): creating a simple file that should prevent the encryption mechanism in question from running.
The method, which has been confirmed by several other sources online, requires creating a file named perfc in the main Windows folder of your operating system, with no extension and with the read-only attribute set - and that's it. This solution will not help those who have already been infected and, of course, encrypted, but it may help contain a fair amount of future damage from the malware. So until we see a more solid and comprehensive solution, it is definitely something you should do.
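The file creation described above, as an added PowerShell example (not from the original article or from the researcher). It assumes an elevated prompt and that $env:windir is the main Windows folder; the function name Set-PerfcMarker and its -Apply switch are hypothetical names chosen for this example.

```powershell
# Added example: audit and (optionally) create the "perfc" marker file.
# Assumptions: elevated PowerShell prompt; Set-PerfcMarker and -Apply are
# names made up for this example, not part of Windows.
function Set-PerfcMarker {
    [CmdletBinding()]
    param(
        # Main Windows folder; $env:windir is normally C:\Windows.
        [string]$WindowsDir = $env:windir,
        # Without -Apply the function only reports what it finds.
        [switch]$Apply
    )

    $path = Join-Path $WindowsDir 'perfc'   # no extension, as the article specifies
    $item = Get-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue

    if ($item -and $item.PSIsContainer) {
        # A folder with this name is not what the article describes; leave it alone.
        return [pscustomobject]@{ Path = $path; State = 'DirectoryInTheWay'; ReadOnly = $false }
    }

    if (-not $item) {
        if (-not $Apply) {
            return [pscustomobject]@{ Path = $path; State = 'Missing'; ReadOnly = $false }
        }
        # Create an empty file with the required name.
        $item = New-Item -ItemType File -Path $path -ErrorAction Stop
    }

    if ($Apply -and -not $item.IsReadOnly) {
        # Set the read-only attribute the article asks for, then re-read the file.
        Set-ItemProperty -LiteralPath $path -Name IsReadOnly -Value $true -ErrorAction Stop
        $item = Get-Item -LiteralPath $path -Force
    }

    $state = if ($item.IsReadOnly) { 'Present' } else { 'PresentButWritable' }
    [pscustomobject]@{ Path = $path; State = $state; ReadOnly = $item.IsReadOnly }
}

# Report only:
Set-PerfcMarker
# Create the file, or fix a writable one:
# Set-PerfcMarker -Apply
```

Running it without -Apply across a fleet shows which machines lack the file or have it writable before anything is changed.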
Original article: While some companies and organizations are still busy getting over the commotion created by the WannaCry malware attack, it seems a significant new threat is spreading rapidly.
There are six whole months still ahead of us, but at this point it would not be too much to declare that 2017 might be remembered as the year when the greatest dangers of the network became clear and tangible for the general public, with merciless attacks that strike anyone who dared not to update their operating system at the right time.
A month after the malware nicknamed WannaCry hit hundreds of thousands of computers around the world, temporarily disabling hospitals, factories, government organizations and even speed cameras and ATMs, hundreds of new reports indicate that another "epidemic" is hitting us right now, affecting computers and networks in Eastern and Western Europe, but not only there - meet Petya, with a nearly identical method of file encryption (this time comprehensive rather than file by file, through encryption of the Master Boot Record in Windows), and a demand for payment of the equivalent of $300 in Bitcoin to get a key that undoes the process.
The main victims of the attack are currently companies in Ukraine and Russia, including the Rosneft oil company, the Evraz metals production company, and the Kiev metro and international airport. This may come as a surprise, given that the malware's name also points to an origin somewhere in Eastern Europe - but most likely the main purpose of the attack this time is economic, and therefore all means are kosher without exception.
Quick analyses carried out by a number of sites across the network indicate that the Petya malware is based on the same serious vulnerability that WannaCry was also based on, named EternalBlue, whose existence was revealed by a hacker group that goes by the name Shadow Brokers, which released materials it managed to steal from the US NSA earlier this year. As a result, most of the computers affected in this round appear to be the ones that were not updated with the urgent security patch distributed by Microsoft in March (MS17-010) for most of its operating systems from the current millennium - and their owners may now regret it, with interest.
Computers that have been updated with the patch in question may also be exposed to Petya's ransom demand, through installing files from untrustworthy sources that hide inside them the malicious files that encrypt your most important personal information - and therefore it is highly recommended to back up all your relevant files now, just in case, to avoid running installers whose reliability you are not sure of, and also to disable Microsoft's WMIC (Windows Management Instrumentation Command-line) interface on your system.