
PETYA Crypto-Ransomware Information

Posted on Jun 28, 2017 by

Threat-Alert – PETYA Ransomware

A new global cyber attack is underway. Petya ransomware differs from regular ransomware: not only can this malware overwrite the affected system’s master boot record (MBR) in order to lock users out, it is also delivered via a legitimate cloud storage service (in this case, Dropbox).

PLEASE BE EXTRA DILIGENT IN OPENING UNKNOWN ATTACHMENTS AND LINKS IN EMAIL – CONTACT YOUR ONSITE IT OR CALL ITEX +44 (0)1624 670490 FOR ADVICE.

This appears to be a complex attack which involves several attack vectors. A modified EternalBlue exploit is used for propagation at least within corporate networks.

1. Make sure that your anti-virus and Internet security components are up to date and turned on.
2. Ensure your anti-virus has been updated recently: find the update link and click it, and ensure this is done regularly over the next few days.
3. Install all security updates for Windows. The one that fixes bugs exploited by EternalBlue is especially important.
4. Be diligent and do not open attachments or links that you were not expecting.

More information can be found on these sites. If you are unsure, please call us on +44 (0)1624 670490.

https://labs.bitdefender.com/2017/06/massive-goldeneye-ransomware-campaign-slams-worldwide-users/

https://www.kaspersky.co.uk/blog/new-ransomware-epidemics/11249/

https://kc.mcafee.com/corporate/index?page=content&id=PD26470

http://blog.trendmicro.com/trendlabs-security-intelligence/petya-crypto-ransomware-overwrites-mbr-lock-users-computers/

ITEX CyberSecurity Team – 280617