Ransomware Attack: New sophisticated exploit via EternalBlue

A global cyber attack is about now unfolding with the most severe incidents being reported out of Europe — and especially Ukraine, where multinationals have been hit with a ransomware similar to that which infected more than 300,000 computers last month.

While the similarity stems from the fact that the virus includes code known as "Eternal Blue", which were reportedly released from the U.S. National Security Agency (NSA) and used in last month's "WannaCry" ransomware attack.

The new strain of ransomware, Petrwrap that has infected thousands of systems across the world, including massive multi-national corporations like Maersk, Rosneft and Merck; is a variant of a strain first introduced last year called Petya, but now coded to outwit fixes to protect against it.

The virus crippled PCs running Microsoft's Windows software by encrypting hard drives and overwriting files; while a demand of $300 in bitcoin payments was required to restore access.

Microsoft, however stated that it has already issued a patch in a security update in March, and that further investigation is ongoing and will take appropriate action to protect its customers.

Meanwhile, it is recommended that businesses and consumers should make sure their computers are updated with Microsoft patches to defend against the threat.

And victims have been advised not to pay the extortion, as there's no guarantee that access would be restored.
Next Post »