A ransomware usually targets a victim’s files on the infected computer’s hard drives. It encrypts them and prevents user access. The user becomes unable to access the encrypted files, but the computer system still operates fully. If this wasn’t bad enough, the news is that there has been a new ransomware in the wild that locks down your whole system. This new threat is called Petya ransomware. What Petya does is that, instead of just encrypting important and crucial files, it just encrypts the whole hard drive instead. This prevents the victim from accessing any files or data on the hard drive, including Windows.
The attackers implement this ransomware by sending a harmless looking e-mail. The e-mail appears to be an innocuous job application. It includes instructions to download a CV hosted in the Dropbox. The CV file contains the ransomware and if you open it, it instantly trashes your boot record causing your computer to crash.
After the affected computer reboots, a message appears saying that one of your disks contains errors and it needs to be repaired. The message also mentions that the process may take several hours. This is when the victim’s entire hard drive is being encrypted.
When the whole process is completed, after the computer is booted, the ransom message is displayed. The message demands to pay a ransom via Tor or permanently lose access to everything on your hard drive. The ransom payment also doubles after 7 days. G Data recommends not paying the ransom and backing up your data periodically. That way, you can just copy that image back across, in case your system gets affected.
One hospital has already paid the ransom amount of $17,000 in bitcoins, after being affected by the Petya ransomware, and being locked out of its system. The attackers behind this, target businesses more than individuals. And while this ransomware isn’t the first one online, it is very dangerous. The encrypted files are impossible to decrypt. The only way to access your files again is to buy the key by paying the ransom.
At times, people open unknown emails and files, without considering the potential danger and its implications.Attackers that deploy the Petya ransomware, rely on this. In order to prevent falling a victim to this ransomware, it is recommended to avoid opening files or links in emails received from unknown people.