A new strain of the Petya ransomware started propagating on June 27, 2017, infecting many organizations. Similar to WannaCry, Petya uses the Eternal Blue exploit as one of the means to propagate itself.
Am I protected from the Petya Ransomware?
Make sure your anti-virus software from a legitimate source and virus database are up to date.
Make sure your important business or personal data is backed up.
Make sure your Windows is up to date.
What is Petya?
Petya has been in existence since 2016. It differs from typical ransomware as it doesn’t just encrypt files, it also overwrites and encrypts the master boot record (MBR).
In this latest attack, the following ransom note is displayed on infected machines, demanding that $300 in bitcoins be paid to recover files:
How does Petya spread and infect computers?
One of the methods Petya uses to propagate itself is by exploiting the MS17-010 vulnerability, also known as Eternal Blue
Who is impacted?
At the time of writing, Petya is primarily impacting organizations in Europe. But the United States will be a potential target.