
PetrWrap Crypto Ransomware Blocks Security Researchers From Reverse Engineering Code Samples

Cyber criminals are raising the bar once again. Security researchers found signs that indicate there is a cyber war taking place between these crime gangs, all of whom are trying to distribute ransomware to as many victims as possible. A new ransomware family has been identified as well, which goes by the name of “PetrWrap”. So far, it appears this new malware strain shares a lot of similarities with Petya.

Even More Ransomware Threats To Worry About

It is evident cyber criminals will continue to harm computer users by distributing malware and ransomware on a large scale. Now that the PetrWrap family has been discovered, security researchers are greatly concerned about what the future may hold. The malware strain uses the same encryption mechanism as found in Petya ransomware, but there is a twist involved in the process. Thanks to the inclusion of a special module modifying the malware on the fly, Petya creators can’t take control of this new malware.

It seems evident the creators of PetrWrap are trying to outcompete other gangs focusing on ransomware distribution. Increased competition among these gangs is the last thing the world needs right now; that much is certain. Keeping in mind how this malware is capable of modifying itself in real-time, it is impossible to tell what will happen in the future. Rest assured this toolkit will be a prized possession on darknet marketplaces moving forward.

At the same time, there is some positive news to take note of as well. Considering how PetrWrap blatantly copies large parts of the Petya ransomware strain, it is evident brand new types of malware are far less common than initially assumed. Researchers have taken notice of how most of the malware families are related in some capacity, confirming most malware developers are taking existing code and changing a few minor aspects to make it appear as if their creation is unique.

It has to be said, the Petya ransomware has been one of the more powerful malware strains the world has ever seen. It was initially discovered in Q2 of 2016, and it was one of the first ransomware types to overwrite the computer’s master boot record. Ever since that time, various types of malware have copied this strategy and tried to gain more traction among cyber criminals.

What makes PetrWrap rather unique, however, is how it is the first type of ransomware to effectively block others from modifying their code. This will prevent reverse engineering tactics used by security researchers moving forward. Unfortunately, that also means it will be very difficult to get rid of this malware without paying the bitcoin ransom. It is unclear if users can restore their files from a backup.

In the end, there is plenty of reason to be concerned about cyber crime, though. While it is evident some of the developers are trying to steal others’ work, it also goes to show there will be even more competition among malware creators in the future. For the average computer user, this is anything but good news, that much is certain. PetrWrap is one of the many threats to keep an eye on moving forward, although it remains to be seen if this malware will make a big impact.
