Petya Ransomware Cyber Attack
Ukraine’s government, National Bank, and biggest power companies all warned of cyber attacks Tuesday. Airports and metro services in the country were also reportedly affected, though it appears they’re victims of another massive ransomware outbreak that’s spreading across the world fast and hitting a significant number of critical infrastructure providers. Here are the major incidents that took place till now according to various reports.
- London-based WPP advertising agency among companies hit by ransomware.
- UK Parliament Emails IDs were hacked, but that wasn’t Petya cyber attack.
- Ukrainian government hit, with deputy leader saying all computers are down.
- Russian oil giant Rosnef and Danish ship firm AP Moller-Maersk also affected.
- IT experts said virus appears to be ransomware, similar to ‘WannaCry’ attack
The deputy general director of Kiev’s Borispol Airport, Eugene Dykhne, said in a Facebook post: “Our IT services are working together to resolve the situation. There may be delays in flights due to the situation… The Official Site of the airport and the flight schedules are not working.”
London-based WPP, the world’s largest ad agency, was the first on UK soil to report problems, with staff told to turn off their computers and not to use the WiFi. Europe has been hit by a fresh ransomware virus as a British advertising firm, the Ukrainian government and Russian oil companies were all affected. The Ukrainian government has been badly affected, with the state power distributor and Kiev’s main airport hit as supermarket tills and even ATMs went offline. Here’s the ransom demand appeared in ATMs in Ukraine.
Petya Ransomware which was seen in 2016 is back again and this time it’s too dangerous! It’s taking down the biggest IT companies in Europe, Spain, Britain, Ukraine and many more Russian countries as well. Early rumors were confirmed by Danish Ship firm Maersk indicating that there’s something wrong with their IT system.
We can confirm that Maersk IT systems are down across multiple sites and business units. We are currently assessing the situation.
— Maersk (@Maersk) June 27, 2017
In Ukraine, government departments, the central bank, a state-run aircraft manufacturer, the airport in Kiev and the metro network have all been paralyzed by the hack. It was not just the IT firms, even the Deputy Minister of Ukraine wasn’t shown any mercy reports Forbes. Here’s what the minister shared on Twitter showing the infected PC screen at the office.
— Christian Borys (@ItsBorys) June 27, 2017
That doesn’t end the story here! There a lot more to it! Similar to WannaCry attacks which were observed last month, Petya Ransomware is going at the same pace which uses Eternal Blue exploit as WannaCry did. Avira said in a tweet, the users who have Avira are safe from this attack! Here’s the tweet
— Avira (@Avira) June 27, 2017
A researcher for Kaspersky Lab identified the virus as Petrwrap, a strain of the Petya ransomware identified by the firm in March. One recovered sample was compiled on June 18th, suggesting the virus has been infecting machines in the wild for some time. Still, according to a recent VirusTotal scan, only four out of 61 antivirus services successfully detected the virus.
How Does PetrWrap Ransomware Work?
The Verge reports, PetrWrap itself appears to be a straightforward ransomware program. Once infected, the virus encrypts each computer to a private key, rendering it unusable until the system is decrypted. The program then instructs the user to pay $300 to a static Bitcoin address, then email the bitcoin wallet and personal ID to a Posteo email address. As of press time, blockchain records showed eight transactions to the target wallet, totaling roughly $2,300. It’s unclear whether any systems have been successfully decrypted after payment.
Follow the below-given tweets to know more about this Petya Ransomware cyber attack which is ongoing in Russia, Ukraine, Spain, Britain, Europe and different parts of the world.
Some of our gov agencies, private firms were hit by a virus. No need to panic, we’re putting utmost efforts to tackle the issue ? pic.twitter.com/RsDnwZD5Oj
— Ukraine / Україна (@Ukraine) June 27, 2017
Just called my father. He says he couldn’t buy fuel at a petrol station, the system is shut down.
Everyone is disoriented.
— Kateryna_Kruk (@Kateryna_Kruk) June 27, 2017
“The Ukraine cabinet of ministers seems to also have been hacked. The network is down” says deputy PM. This is turning into 1 hell of a hack https://t.co/nnZrcDgOoq
— Alec Luhn (@ASLuhn) June 27, 2017
Та-дам! Секретаріат КМУ по ходу теж “обвалили”. Мережа лежить. pic.twitter.com/B74jMsT0qs
— Rozenko Pavlo (@RozenkoPavlo) June 27, 2017
— Graham Cluley (@gcluley) June 27, 2017
This isn’t over yet. There’s always more to it when it comes to Ransomware attacks similar to what happened last month in WannaCry attacks. At present, WannaCry 3.0 version is silently doing the work and it’s not stopping yet. Stay tuned to this post so that you can complete details about Petya Ransomware attacks right here!