After Wannacry ransomware, here is the another variant of ransomware, "Petya or Petrwrap" that emerge out with a very quick spreading capability and Infecting vulnerable windows system.
Just few hours ago several business and users from the Worldwide have reported that they have been infected by an new variant of ransomware. Users who are infected have shared image of the infected system on Twitter and other social media.
A infected system displays red text on a black background, and demands $300 worth of bitcoin.
Antivirus company, Avira have said on Twitter that the attacks were taking advantage of the EternalBlue exploit previously leaked by the group known as The Shadow Brokers. Symantec, another security firm, later tweeted that its analyst "confirmed" that the outbreak spread using EternalBlue.
EternalBlue is the same exploit used in the WannaCry attacks, it takes advantage of a vulnerability in the SMB data-transfer protocol, and Microsoft has since patched the issue. However, whether customers apply that patch is another matter.
Kaspersky Lab reported that the ransomware hit Russia, Ukraine, Spain, France, among others. Several people on Twitter reported witnessing or hearing reports of the outbreak in their respective countries, and across a wide range of industries. Companies around the world also reported computer outages.
Just few hours ago several business and users from the Worldwide have reported that they have been infected by an new variant of ransomware. Users who are infected have shared image of the infected system on Twitter and other social media.
A infected system displays red text on a black background, and demands $300 worth of bitcoin.
"If you see this text, then your files are no longer accessible, because they are encrypted," the text reads, according to one of the photos. "Perhaps you are busy looking for a way to recover your files, but don't waste your time. Nobody can recover your files without our decryption service."
EternalBlue is the same exploit used in the WannaCry attacks, it takes advantage of a vulnerability in the SMB data-transfer protocol, and Microsoft has since patched the issue. However, whether customers apply that patch is another matter.