Specialist IT Services

 



Contact Info

Postal Address: PO Box 28-418 Remuera, Auckland
Ph: +64 9 524-9999
Email: enquiries@selectit.co.nz


 

 

RELIABILITY, great service,
rapid response time

 
Jun 29, 2017

Petya Ransomware


Ransomware – Petya and its inevitable many variants

By now, most of the IT world has been made aware of a cyber attack initially focussed on the Ukraine. Almost following the sun’s dawn across the globe, the infection has spread to Europe, America and finally nit the Pacific nations..

Petya exploits the same vulnerabilities as the Wannacry ransomware infection of a few weeks ago. Goldeneye (Petya variant) has already made its presence known, with NotPerya, Petya.C and even a PetyaCry following on.

The initial attack vector was an update for a tax accounting app called Medoc. This was effected through the usual Phishing styled attacks, relying on the unobservant or uninformed (ooooh it's bright and shiny, let me get that!) opening up the payload as an attached Office document.

The BIG change from the initial attack is that variants collects locally stored login credentials, the uses a tool usually employed by Admin level staff (PsExec) to get in and cause damage….

Petya’s variants encrypt the Master Boot Record, effectively disabling the machine.

What to do if you think you are vulnerable?

Call me, or email me, and I will get my super tech team onsite to evaluate and assist in hardening your systems against attack

Anton

027 524 9995

anton.schutte@selectit.co.nz

 

 

Select IT Partners




Latest News