Ransomware

PSA: New Ransomeware Attack – Check Your Protection Now

Here’s a recent update on a critical issue for all computer users. This information comes courtesy of Malwarebytes, a security software firm.


A new strain of ransomware, a Petya-esque variant being called Petya/NotPetya, is swiftly spreading across the globe today, impacting tens of thousands of computers as of 2:00 p.m., PST. More powerful, professional, and dangerous than last month’s WanaCrypt0r attack, the Petya-esque ransomware uses the same EternalBlue exploit to target vulnerabilities in Microsoft’s operating system. However, unlike WanaCrypt0r, this ransomware instructs you to reboot your computer and then locks up your entire system. Long story short: if you get this infection, you’re hosed.

We’re alerting you to reassure you that if you’re currently using the premium version (or the premium trial) of Malwarebytes with real-time protection turned on, you are protected from this threat. Our premium technology blocks the Peyta-inspired ransomware before it can encrypt your system. (The free version of Malwarebytes, however, does not protect you against this attack. To see which version you have, open up your Malwarebytes software and look for the version name at the top of the window.)

If you’re not currently using the premium version of Malwarebytes, we recommend that you update your Microsoft Windows software immediately. Microsoft released a patch for this vulnerability in March. You may access the patch here. We also recommend you be extra vigilant about opening emails, as one suspected method for spreading this infection is through infected Office documents delivered via spam.

If you’re thinking about paying the ransom for this threat ($300 in Bitcoin per PC)—don’t bother. The email service that hosted the address where victims were instructed to send payment has closed the account. So at this point trying to pay the ransom will result in a returned email. However, the attackers may provide their victims with alternative forms of payment transactions.

Cyberattacks at a global scale seem to be happening more and more frequently. At Malwarebytes, we pledge to keep our customers and readers informed. Your safety is our number one priority.

Sincerely,

The Malwarebytes team


 

A few quick notes:

  1. If you are regularly applying your Windows updates you will be protected. However, if you are using an older version of Windows that is unsupported you will need 3rd party protection.
  2. Don’t miss the fact that you are not even able to pay the ransom if your computer is infected. Once infected, you are hosed and all your data is gone. This is serious.
  3. If you use a Mac you aren’t safe. Yes, this attack focuses on a Windows exploit but just last week two new Mac ransomware kits were released to the hacker market for free. That means anyone, anywhere can access them to build ransomware to attack Mac PCs. Proper protection is essential no matter what platform you’re on.
  4. Malwarebytes Premium is a paid product. Strider uses Malwarebytes Premium on all of our PCs, but we do not have any other relationship with the company, and do not receive any compensation for posting this warning.