Categories
Operating Systems Security Windows

Petya Ransomware Attack

A new ransomware attack, tentatively named Petya, is occurring worldwide on Microsoft Windows computers.  It is also known under the aliases NotPetya, GoldenEye, Petrwrap, and Mischa.

This new ransomware can be stopped before damage occurs if a file exists on the computer and its file properties are read-only: C:\Windows\perfc (no file extension).  Instructions on how to create this file can be found at https://www.bleepingcomputer.com/news/security/vaccine-not-killswitch-found-for-petya-notpetya-ransomware-outbreak/.

TomsGuide.com reports that Windows computers with version 7 or higher should be protected from this attack if the March and April 2017 Windows Updates have been installed.  If this is not done, it is recommended that Windows Updates be installed as soon as possible.

US-CERT (U.S. Computer Emergency Readiness Team), part of the Department of Homeland Security, has listed this ransomware under Alert (TA17-181A).