Breaking Huge Global CyberAttack spreading right now. Probably a Petya variant that spreads through SMB

[Jithin91]

Ukraine's government has reportedly been hit by a huge cyber attack, along with several banks, energy firms and even the country's Metro network. Ukrainian state-run aircraft manufacturer Antonov was also affected by the attack, according to the company's spokesman. The petrol stations had been forced to shut down after the attack.

Targeted in Ukraine cyberattack:
- Metro network
- Electric grid
- Ministry sites
- Airport - Banks
- Media outlets
- State owned companies

Update 1:
after cyber attack reports from Ukraine, now reports are coming from around the world regarding cyber attacks.

 

[Jithin91]

A number of firms around the world are reporting that they have been impacted by a major cyber attack. Russia, UK, Spain, Holland among affected

Huge Global CyberAttack / Ransomware spreading right now. Probably a Petya variant that spreads through SMB

**story is developing...

 

[Sai Jai]

Petya Ransomware Hits Operations at India's Largest Container Port

..

 

[Sarkar]

Infect me if you can :grin

 

[sumitroy]

Officials are warning it is critical to update your Windows computer, in the midst of a global cyber attack.
The threat comes from a ransomware known as Petya, which so far has affected shipping giant Maersk and forced the Chernobyl radiation monitoring system offline.
The government's cybersecurity taskforce, Cert, said Petya only needs one out-of-date computer to infect a whole network.
In March this year Microsoft released a patch for the vulnerability Petya exploits.

Global cyber attack: Windows computers must be updated, officials say

 

[Sai Jai]

Ransomware 2.0 blitzes several Indian, European companies - ET Telecom

..

 

[Sai Jai]

What is Ransomware ?? How to protect our devices from it??

Check it here

Home

..

 

[sumitroy]

Originally identified as Petya, a ransomware that first started circulating in 2016, the current attack now appears to be a Petya offshoot, with added refinements such as stronger encryption. Some researchers call this new iteration “NotPetya” or “GoldenEye,” while others still refer to it as Petya https://www.wired.com/story/petya-ransomware-wannacry-mistakes/

 

[Sarkar]

Vaccine, not Killswitch, Found for Petya (NotPetya) Ransomware Outbreak

While analyzing the ransomware's inner workings, Serper was the first to discover that NotPetya would search for a local file and would exit its encryption routine if that file already existed on disk.

The researcher's initial findings have been later confirmed by other security researchers, such as PT Security, TrustedSec, and Emsisoft.

This means victims can create that file on their PCs, set it to read-only, and block the NotPetya ransomware from executing.

While this does prevent the ransomware from running, this method is more of a vaccination then a kill switch. This is because each computer user must independently create this file, compared to a "switch" that the ransomware developer could turn on to globally prevent all ransomware infections.


How to Enable the NotPetya/Petna/Petya Vaccine

To vaccinate your computer so that you are unable to get infected with the current strain of NotPetya/Petya/Petna (yeah, this naming is annoying), simply create a file called perfc in the C:\Windows folder and make it read only. For those who want a quick and easy way to perform this task, Lawrence Abrams has created a batch file that performs this step for you.

This batch file can be found at: https://download.bleepingcomputer.com/bats/nopetyavac.bat

Full instruction is here

Vaccine, not Killswitch, Found for Petya (NotPetya) Ransomware Outbreak

 

[ABCDEFGH]

All the data in my laptop is not that important that i will pay money for it.

I will just start over. :grin