27 June 2017

Petya or Petwrap ransomware

There is one more ransomware that is taking advantage of the SMB V1 vulnerability and that is spreading worldwide.

If you consult the hastag #ransomware can check that already made some victims.

This is why it is extremely important to update the operating systems not only Microsoft but also Linux and Apple. All systems have vulnerabilities, all systems have flaws so all systems have ransomware. If you don't believe, do a search.

But there's the following problem:

O Petya use NSA exploits "Spreads in internal networks with WMIC and PSEXEC. That's why patched systems can get hit." source: Mikko Hyppone

All recommendations say not to pay the ransom!! The email address used is already blocked and up to the time there have already been 28 victims who made the payment. You can consult the transfers here.

How can I protect you?

The recommendations are:
  1. Disable SMB v1;
  2. Disable WMIC (Windows Management Instrumentation Command-line);
  3. Install all Microsoft patches.

No comments:

Post a comment