Ransomware has been big news and big money in recent months. WannaCry has been in the headlines a lot recently, with even firms as large as Honda being hit in recent weeks. However, we now have a new and even scarier attack doing the rounds, dubbed NotPetya.
WannaCry was put to bed relatively quickly, with bugs and flaws being found that enabled Microsoft to produce a patch to prevent further EternalBlue hacks. NotPetya is a different kettle of fish, though, with many already thought to have fallen victim to this nasty piece of ransomware, including but not limited to Chernobyl radiation detection systems, the Kiev Metro, banks and even, according to reports, an airport.
Although NotPetya uses the same EternalBlue hack to spread through Windows SMB, this latest piece of software uses many other tricks to spread a lot faster through systems and across networks. These added tools also add up to a very scary problem: even fully patched Windows 10 machines are vulnerable.
Experts have also said that they believe this latest work to be the product of a professional group, with coding so good that it leaves no bugs or issues that could at present be used to produce a “kill switch”. A further issue that has come to light is that Posteo, the provider of the original email domain being used, has shut the address down. That leaves no possible way to make contact and pay the 2.39818893 Bitcoin ($5500 approx), and no obvious way to recover data without backups.
On a good note, a spokesman from Microsoft has said they are aware of the issues and are currently investigating. Here at Play3r, our best advice at present is vigilance: do your utmost to ensure you don’t get infected in the first place.