NotPetya Ransomware possible vaccine developed – Updated

  • Chris Hecht
    Post count: 5
    #77134 |

    The NotPetya Ransomware (also known as Petna, and SortaPetya) is spreading around the globe very quickly. It only affects Windows computers via two vulnerabilities – one in Office (CVE-2017-0199) and the same one in SMBv1 that WannaCry used. If you patched your system for WannaCry (or keep your computer up-to-date) then you will slow but not necessarily stop the infection. The malware encrypts your files and demands a ransom to provide the decryption key. Unfortunately, the email box used to correspond with the malware author is now off-line.

    Security researchers have found a way to prevent the encryption by creating three files and making them read only. For more information, see this article on the Bleeping Computer web site.

    Since this is a very recent attack, security researchers are still trying to discover what mechanisms are involved. Some anti-virus software has been updated to protect your computer but not all, yet.

    UPDATE: for a good summary see this The Register article.

You must be logged in to reply to this topic.