
NotPetya Ransomware Attack can be Stopped in its Tracks With a Simple Batch File

The world awoke to a rather nasty surprise yesterday, as a new global ransomware attack was discovered. At first, it was assumed this was a Petya ransomware attack, but those claims were discredited later on. Luckily, it appears this undefined ransomware can be somewhat remedied, although there is no official killswitch whatsoever. It is evident criminals are not giving up on ransomware anytime soon.

Yet Another Global Ransomware Attack

One would expect corporations and institutions to be aware of ransomware threats in 2017. So far, that hasn’t been the case, as we have seen two global attacks in recent months. First of all, there was the WannaCry ransomware attack, which infected over 200,000 computers and systems all over the world. Yesterday’s attack appeared to be an undisclosed type of malware, which is clearly not Petya.

More specifically, a lot of news outlets claim this is a Petya ransomware outbreak, but that is not the case. A thorough analysis of obtained samples shows the ransomware strain shares some similarities with Petya, but it is also very different in other regards. For the time being, this malware has no official name, although some researchers refer to it as NotPetya or Petna. It will take some time until it has an official name.

What makes this particular malware so powerful is how it locks up hard drives and Master Boot Record sections. As one would come to expect from a ransomware attack, the criminals trick victims into paying a ransom amount in Bitcoin. In this particular case, it appears victims had to pay US$300, which is somewhat of an average amount for ransomware attacks these days. However, there is no point in paying the ransom whatsoever, as it would not result in receiving the decryption key.


More specifically, victims had to send an email to a particular email provider to get the decryption key. However, the email service provider has successfully shut down the inbox pertaining to this undisclosed ransomware attack. Anyone trying to send an email to the address will not get through, so paying the ransom is utterly pointless: there is no way to get in touch with the ransomware developer whatsoever. It is evident this ransomware doesn’t use a command-and-control server, which makes it very difficult to get rid of the malware.

Luckily, it appears there is a “vaccine” to counter this malware. It is not something that will stop the malware from spreading itself on a global scale, but it can help some victims out. Users will need to create a file in their Windows folder with read-only permissions. Lawrence Abrams has developed a batch file that performs this step on behalf of the computer user. It is quite interesting how a simple file can prevent the ransomware from harming your computer.
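The step described above, written out as a batch script. This is an added example, not Lawrence Abrams' batch file; the marker file name is a placeholder because the article does not name it, and the exit codes and messages are this example's own choices.

```batch
@echo off
rem Added example: create a read-only marker file in the Windows folder
rem and confirm the attribute took effect.
rem MARKER_NAME is a placeholder. The article does not name the file,
rem so take the real name from the published vaccine instructions.
setlocal
set "MARKER_NAME=REPLACE_WITH_MARKER_NAME"
set "MARKER=%WinDir%\%MARKER_NAME%"

if "%MARKER_NAME%"=="REPLACE_WITH_MARKER_NAME" (
    echo Set MARKER_NAME before running this script.
    exit /b 2
)

rem Create the marker only if it is missing, so an existing file
rem with that name is never overwritten.
if not exist "%MARKER%" (
    echo Vaccine marker file. Do not delete.>"%MARKER%"
    if errorlevel 1 (
        echo Could not create "%MARKER%". Run from an elevated prompt.
        exit /b 1
    )
)

rem Set the read-only attribute.
attrib +R "%MARKER%"

rem Read the attribute string back; it contains "r" only when the
rem read-only attribute is set.
set "ATTRS="
for %%F in ("%MARKER%") do set "ATTRS=%%~aF"
echo %ATTRS% | find "r" >nul
if errorlevel 1 (
    echo "%MARKER%" is not read-only.
    exit /b 1
)

echo "%MARKER%" exists and is read-only [%ATTRS%].
exit /b 0
```

Because the script exits non-zero when the marker is missing or writable, it can be re-run as a compliance check across machines without changing a file that is already in place.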

For those people who have already been infected by this undefined ransomware, it will be quite challenging to get rid of the malware itself. There is no free decryption tool available right now, and it may take a few more weeks or months until that situation changes. It is evident far too many computers remain vulnerable to ransomware attacks. For the time being, it is unclear what made this particular malware strain so successful, although it is possible the ransomware leverages some well-known exploits.


JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Published by
JP Buntinx
