13065 Ukraine attacked a new virus-the extortioner

Ukraine attacked a new virus-the extortioner



Mar’yana Makarova

71

Ukraine attacked a new virus-the extortioner

June 27, around noon, there is information that has been hacking into several Ukrainian banks and government agencies. Later it became known that the strike hit “New Post”, “Ukrpochta”, “Ukrsotsbank”, “Sberbank”, “Ukrzaliznitsa”, the airport “Borispol”, “Epicenter”, “24 channel”, a number of ministries and hospitals.

At the moment, not all ATMs of some banks, branches are closed the “New mail” and “Ukrposhta” suspended flights from the airport “Borispol”. In addition to large companies and government agencies were attacked and the local utility company, the number of victims of the virus increases.

As it became known, for a failure in the systems of enterprises guilty virus ransomware that has encrypted the data and demanded a ransom in bitcoins equivalent to $300.

Украину атаковал новый вирус-вымогатель – Вирус PetyaUnder threat are the Windows computers. There are currently no messages about what was the infected computers based on other operating systems. Hacking is very similar to the one that was associated with the virus WCry. The last time it infected the Windows-based computers 7 and under.

About the virus was known in 2016. The PC takes place through the opening of incoming mails and the virus can disguise phishing emails and do not cause any suspicion. When infected, the system “crashes” and usually the user tries to reboot the computer. But this is what to do and not: after rebooting the system is completely blocked.

However, evidence that this is a virus WCry, yet. “New Mail” in your message claims that a virus called Petya.A and edition of “the League” indicates that this is a DOS/Petya.A.

See also  MoviePass Adds More Restrictions As New Plan Goes Live

Should we be afraid of virus home Windows-based PC? At the moment it is known that the distribution of phishing emails were made solely on the corporate boxes, but, according to the company ISSP, there are already cases of infection of home computers.

How to protect yourself and your computer:

  • force the update of the virus database and operating system
  • not open (it is better to block) incoming messages with attachments *.exe, *.js*, *.vbs from %AppData%
  • if contamination has occurred – do not restart the computer!

At the level of the mail gateway – blocking message that contains active content (*.vbs, *.js, *.jse, *.exe); – level proxy – blocking loading files with active content (*.vbs, *.js, *.jse); block SMB and WMI ports (especially 135 and 445).

On this topic: ( from category Allo.ua, Articles, News )

Leave feedback

Your email address will not be published. Required fields are marked *

*
*

Top