Posted by DNS Texas Support on June 27, 2017 in DNS Texas Communications, Security Alerts | Comments
On Tuesday 6/27/2017 another massive ransomware attack hit the world. This one is known as ‘Petya’ appears to have originated from a highly sophisticated Russian strain of the WannaCry strand that hit back in May 2017. The ransomware, if launched, will encrypt all files on the user’s computer, making them unusable. The ‘worm’ also transmits via networked computers to other computers and servers in the organization to spread itself. The creator demands about $300 worth of Bitcoin to provide the decryption keys (per machine) if infected. It is hit and miss as to whether or not you actually get the decrypter though, as for some time now only about 50-60% actually get their data back even after paying ransoms. The FBI recommends no one ever pay the ransoms as this just keeps this dark business going and encourages further development.
URGENT Malware/Ransomware Newsletter – May 2017 As you may have heard, a new threat has emerged on the internet known as WannaCry (AKA Wcry and WannaCryptor), although the exploit is not new as far as what it does, this latest ransomware threat has already crippled companies overseas and has started to show up in the U.S. including FedEx. The threat comes in the form of a malicious email, that may have a fake invoice (PDF or Word Document) or something similar attached that sounds important (to make you want to open it). The exploit can launch once the attachment is opened. Some have also reported that simply previewing the email can launch the hidden script in the background to launch the ransomware process (but this is unverified).