GoldenEye / Petya ransomware
Uses same attack vector as last month's WannaCry ransomware; same patches should protect, see --> https://www.modelmayhem.com/forums/post/967184

There are also new security updates dated mid June 2017 (even for XP).
Microsoft® Update Catalog http://www.catalog.update.microsoft.com/home.aspx

Encrypts on boot. If you see this message, power off immediately --> https://twitter.com/hackerfantastic/sta … 0766245888
Files are not yet encrypted and can be recovered (fake CHKDSK message is the encryption process).

Petya Killswitch found (create dummy files as defined in your Windows directory and set as read only)
https://twitter.com/0xAmit/status/879778335286452224
https://twitter.com/SubrataJz/status/879790300440428548

New Cyberattack Spreads in Europe, Russia and U.S.
https://www.nytimes.com/2017/06/27/tech … ckers.html

Petya Ransomware Spreading Rapidly Worldwide, Just Like WannaCry
http://thehackernews.com/2017/06/petya- … ttack.html

Massive GoldenEye Ransomware Campaign Slams worldwide users
https://labs.bitdefender.com/2017/06/ma … ide-users/

How the GoldenEye/Petya ransomware attack reveals the sorry state of cybersecurity
http://www.techrepublic.com/article/how … rsecurity/

Who Are the Shadow Brokers?
https://www.theatlantic.com/technology/ … rs/527778/

Fearing Shadow Brokers leak, NSA reported critical flaw to Microsoft
https://arstechnica.com/security/2017/0 … microsoft/
"WaPo confirms long-held suspicions as NSA cyberweapons crisis threatens to grow worse."

'Shadow Brokers' threaten to release more hacking tools in June
https://www.engadget.com/2017/05/16/sha … -nsa-june/

Cyberattack on Heritage Valley Health System related to global ransomware attack
http://www.wtae.com/article/cybersecuri … m/10228015

Cyberattack Forces West Virginia Hospital to Scrap Computers
https://www.wsj.com/amp/articles/cybera … 1498769889

Experts say Petya out to destroy not ransom
http://www.zdnet.com/article/ransomware … ot-ransom/
"Security experts have said the Petya malware is out to irrecoverably wipe information, not hold to it to ransom"
"Victims of this week's Petya outbreak are being given one more reason to not pay up -- the malware is not able to restore files. Researchers from Comae Technologies and Kaspersky Lab have independently arrived at the same conclusion that Petya is a wiper, not ransomware."

EternalPetya and the lost Salsa20 key
https://blog.malwarebytes.com/threat-an … e-package/
"Thus, the malware appears to have only damaging intentions."
https://www.youtube.com/watch?v=zc8FuuzGGrc

Ukraine scrambles to contain new cyber threat after 'NotPetya' attack
http://www.reuters.com/article/us-cyber … SKBN19Q14P

Jun 27 17 02:00 pm Link

I have the Microsoft patch for Windows XP.

Jun 28 17 09:15 pm Link