Worldwide NotPetya Ransomware Outbreak using EternalBlue exploit

June 27, 2017 | SHARE >

A new and nastier ransomware outbreak has been detected and is spreading rapidly across the globe is using the same exploit as last month’s WannaCry.  This one is a variant of Petya which encrypts your whole disk and renders the computer completely useless.

If you have yet to install the Microsoft fix—MS17-010— you should do so immediately. Be extremely suspicious of all e-mails you receive, particularly those that ask the recipient to open attached documents or click on web links. You should also ensure that your backups are current.  If your business does not have a business continuity solution in place contact us today. Please remember and remind others to Think Before you Click.

UPDATE 6/29:
Analysts have determined that the Ransomware aspect of this threat is more of a smokescreen.  After monitoring this issue it appears to be cyber warfare in action.  As the affected machines do not have the chance to recover the files.  Several indicators reveal this:

  1. It never bothers to generate a valid infection ID
  2. The Master File Table gets overwritten and is not recoverable
  3. The author of the original Petya also made it clear NotPetya was not his work

This is significant as it shows how the topic of cyber security has moved from Tech to a CEO and Board-level business issue.

Petya Ransomware Attack – Windows Patch

Recent Blog Posts

  • blog-img

    Scam Of The Week: Massive Netflix Phishing Campaign

    Heads-up! Bad guys are emailing you that your Netflix account has been suspended, and it...
  • blog-img

    Cyber Security Awareness Month: Online Safety

    October is National Cyber Security Awareness Month which is an annual campaign to raise...
  • blog-img

    [ALERT] The IRS Issued An Urgent Warning Against An IRS / FBI-Themed Ransomware Phishing Attack

    Heads-up! The IRS is warning against a new phishing scam that tries to make you download...