RSS   Newsletter   Contact   Advertise with us

Encrypting ransomware Petya attacks computers worldwide

Staff Writer | June 27, 2017
The encrypting virus Petya that attacked the computers of Russian oil major Rosneft on Tuesday has affected a large number of countries worldwide, Kaspersky Lab Global Research and Analysis head Costin Raiu wrote in his Tweeter account.
Hackers   Kaspersky Lab Global Research and Analysis
The new Petrwrap/Petya ransomware that emerged on June 18 this year "has a fake Microsoft digital signature appended," Raiu said.

InfoWatch Head Natalia Kaspersky told TASS that the encrypting virus emerged more than a year ago. It mainly spreads through phishing messages.

According to Natalia Kaspersky, the first variant of the virus Petya sought to obtain administrator privileges.

"If the administrator privileges were not obtained, it was powerless. That is why, it united with some other extorting virus Misha, which had the administrator privileges. This was an improved version, a backup encrypting malware," she said.

According to the preliminary data of Group-IB, the virus has attacked about 80 organizations in Russia and Ukraine. The virus Petya blocks computers and prevents users from uploading an operating system.

The virus extorts a $300 ransom in bitcoins for the work’s resumption and file-decrypting.

The large-scale virus attack on oil, telecoms and financial companies in Russia and Ukraine was registered at about 2:00 p.m. Moscow time.

Russian oil company Rosneft said Tuesday its systems were the target of a cybersecurity attack, just as industry analysis finds sector vulnerabilities.[break]

In a statement posted on its official Twitter account, Rosneft said its server was the target of a "powerful hacker," adding it was wary of a possible connection to a legal proceeding involving the company.

A report published Monday by accounting firm Deloitte said oil and gas companies in general show a "limited strategic appreciation" for cyber-related threat issues.

Deloitte said the oil and gas industry last year was the second-most prone to attacks, with about 75 percent of the companies in the United States getting hit at least once.

Only a handful, however, said cybersecurity presented a major risk.