NetFort Customer UPDATE: Petya Ransomware

  • 2
  • Idea
  • Updated 1 year ago
As you’ve heard at this stage, many organizations throughout Europe and the USA have been crippled with the new variant of Petya Ransomware (also known as GoldenEye, NoPetya) and we want to ensure that you are kept up-to-date as new details emerge.  
 
This outbreak is potentially more harmful and disruptive when compared to Wannacry, rendering machines unbootable and denying access until ransoms have been paid. We have updated our latest blog post with additional information on this variant, so please take a few minutes to read the latest post here

Additionally, we strongly recommend that you update your LANGuardian Ransomware Detection dashboards, so that you can detect clients or servers scanning your network with the Microsoft ports on TCP port 445 or 139. To learn more on this, watch our latest video here. If you don’t have access to YouTube, this link here should also work.

We will continue to keep you up-to-date. In the interim, if you require further advice, please contact our office on +353 91 520501 or indeed, drop us an email to support@netfort.com
Photo of Aisling Brennan

Aisling Brennan, Official Rep

  • 393 Posts
  • 8 Reply Likes

Posted 1 year ago

  • 2
Photo of alex joshep

alex joshep

  • 2 Posts
  • 1 Reply Like

Hello Aisling,

I would like to add some updates here. After the outbreak of WannaCry and Petya Ransomware, a new data encryption is creating chaos and is named as Bad Rabbit Ransomware. Cybersecurity researchers found that this ransomware is much identical to Petya Ransomware and creating same havoc among PC users.

It is infecting corporate networks as well as individual computers. At this point in time, it has spread to European countries and is spreading aggressively around other parts of the world. It blocks the important files, programs and in some cases the operating system and demands of 0.5 Bitcoin of the victims. In return, cyber-criminals promise to provide the original decryption key. However, paying money for Bad Rabbit Ransomware is never recommended. It encourages cybercriminals to create more of such an infection and, above all, there is no guarantee that you will get your files and data back after the ransom is paid.

Photo of alex joshep

alex joshep

  • 2 Posts
  • 1 Reply Like
Bas Rabbit Ransomware is also known as "Cscc.dat". As we know cybercriminals are not going to stop their fraudulent work. Thus, in order to be protected a PC user should have an AV tool.   
(Edited)