The aftermath of a worldwide cyber attack has a few main characteristics. All of a sudden, everybody cares about the incident, publishes articles, dedicates their time to speak out about the prevention of similar tragedies. On the other hand, a part of the world remains either shocked that they have lost their files or ignores the accident completely.
So, after a thorough examination that was dedicated to Petya (NotPetya or Petna), the truth was revealed. Shockingly, Petya is no ransomware: it corrupts devices and fails to create favorable conditions for the file-decryption to be feasible. To put it in other words: Petya is not aiming for money but rather pure joy of seeing thousands of people lose their files without any chance of recovery.
Ransomware experts are not profoundly impressed by this discovery as similar tactics have been seen before. Viruses impose as ransomware while actually, their initiated damages are not reversible, but ransoms are required anyway. While crypto-infections are awful and becoming infected with them is a tragic accident, having your files doomed for good is even more devastating. Fake ransomware infections are gaining some popularity among the authors of such malware and there is no doubt about that.
This is a drastic change from the original version of Petya which was more obsessed with receiving bitcoins for their files. However, the fact that NotPetya does not handle file-decryption shall not permit us to imply that hackers are not aiming to get money. Since the ransom note cunningly breeds hope that files can be decrypted if the ransom is paid, victims can fall for this lie and send bitcoins. Decryption will never occur, tho.
While many ransomware variants avoid the areas and files that could significantly damage an operating system (to the point of complete corruption), NotPetya strives to attack these parts. While at first it was assumed that the original Petya and this new virus are related, possibly even generated by the same hacker, this hypothesis is doubted more and more.
Strategic decisions and expectations for results are too different and presumed connection just no longer seems logical. In fact, security researchers are finding more comparabilities between NotPetya and XData variants. Both of their targets and distribution methods are focused (but not limited) on Ukrainian users and their services.
Protect yourself from this infection by following guidelines that are enumerated at the end of this article. Creating a read-only file protects computers from NotPetya and this process is considerable simple that even an average Internet surfer can succeed.
Source: engadget.com
