Petya ransomware variant attacks computers worldwide
June 27, 2017
The Petya ransomeware was spotted this morning and has hit the Ukraine hard, affecting the government, Kiew airport and Metro system, an energy provider, central bank and even the defunct Chernobyl nurclear power plant. The ransomware infection has been confirmed in more than 14 countries including the US and Mexico. In the original Emsisoft blog article it says "the best protection still remains a reliable and proven backup strategy, especially since the encryption used by the Petya ransomware is secure. The only way to get the data back is through the help of the ransomware author or via restoring from backups. Making sure to install critical Windows updates is also a very important step in protecting a system, as Petya's main infection vector so far is the ETERNALBLUE SMBv1 exploit currently, which has been patched for several months already."
Part of the Emsisoft Anti-Ransomware module called Behavior Blocker technology is used by Emsisoft Anti-Malware and has proven to be the next best defense as it catches the ransomware's attempt to infect the system a backdoor.