Petya ransomware attack strikes companies across Europe US

Prajwal Desai
Posted by Prajwal Desai

After Wanncry ransomware attack, the new Petya ransomware attack is in the news. The Petya ransomware attack strikes companies across Europe US and Ukraine. Many organizations have been victim of this attack. After Wannacry this is the second largest attack observed across the globe. Like WannaCry, Petya ransomware spreads rapidly through networks that use Microsoft Windows operating systems. The Petya ransomware has caused serious disruption at large firms. This includes the advertising giant WPP, French construction materials company Saint-Gobain and Russian steel and oil firms Evraz and Rosneft.

Ransomware is a variant of malware. Once it enters the computer, it blocks the access to data and demands huge money to decrypt the files. While it’s still not clear on who’s behind this but it seems likely it is someone who wants to just make money out of this.

Petya ransomware attack strikes companies across Europe US
Source – Pic from Twitter

The infected computers display the following message. If you see this text, then your files are no longer accessible because they have been encrypted. Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our decryption service. To decrypt the files the attacker demands a $300 ransom in the Bitcoin digital currency. Most of all the attacker asks to send the Bitcoin wallet ID and personal installation key to email. However the email address has been shutdown by email provider posteo.net. So there is no way to pay the ransom and get files decrypted.

Petya ransomware attack strikes companies across Europe US
Source – Pic from twitter by Hacker Fantastic

What to do if affected by ransomware – Remember that this ransomware encrypts the files post the reboot. As per the tweet from hacker fantastic, it’s advised to power off your computer if you see something like this. The message displayed is do not turn off your pc. But to stop the encryption, you have to power off the pc immediately.

Share This Article
Prajwal Desai
Posted by Prajwal Desai
Follow:
Prajwal Desai is a Microsoft MVP in Intune and SCCM. He writes articles on SCCM, Intune, Windows 365, Windows Server, Windows 11, WordPress and other topics, with the goal of providing people with useful information.
Leave a comment