Large businesses, electricity suppliers, and government agencies around the world are being affected by a strain of malware widely known as Petya. Even a chocolate factory has been hit.
At first, it was believed to be ransomware because it essentially locks down an infected computer and displays a ransom note on-screen. The note demands $300, paid via Bitcoin, in return for unlocking the infected computers. This attack closely mimics the WannaCry ransomware attack that affected more than 230,000 computers in over 150 countries in May.
So, it's ransomware, right? Well, probably not. The payment system the hackers set up is pretty much useless. They used only one address for their Bitcoin payment, which has already been shut down by the email provider. It's believed that the ransomware was just a cover for malware designed to do a lot of damage, particularly to the Ukrainian government. Besides rendering a computer and its data useless, there is also a Trojan inside of Petya that steals victims' usernames and passwords.
Not "Petya": it's GoldenEye
Petya is actually the name of an older version of the malware. When key differences emerged, researchers gave it various names to mark it as a new strain of Petya. GoldenEye seems to have stuck.
How to protect against it
Have the latest firmware for your server. Doing this gives you a head start, since Microsoft might have already patched against the malware.
Next, make sure that your antivirus software is up to date. Most antivirus companies already have patches out that block Petya and this new version of it.
Lastly, take sensible everyday precautions. Sykes recommends backing up your computer regularly and keeping a recent backup copy off-site. And don't open attachments in emails unless you know who they're from and you're expecting them.