GTS Solutions Blog

GTS Solutions has been serving the Chapin area since 2009, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Alert: New Petya Ransomware Spreads via Fake Online Resumes

b2ap3_thumbnail_ransomware_petya_400.jpgNext time you see an unsolicited resume in your email, it’s worth scrutinizing before you just click on it. It could be a nasty new ransomware called Petya.

Petya is a particularly mean-spirited ransomware that hackers use to extort money from their victims. Infection begins with a Windows error, followed by the typical “blue screen of death” reboot, and displays a red skull and crossbones. As the computer restarts, a fraudulent “system check” allows the infection to encrypt the master file table (MFT), so the computer more or less “forgets” where, or even which, files it has.

In addition to doing this, instead of barring access from particular files, Petya locks the user out of their system entirely by overwriting their computer’s master boot record. Once this happens, the computer is rendered useless (you can’t even log in), only displaying a list of demands, an online address to appease those demands in Bitcoin, and finally, a decryption code to regain access to the files.

When the user accesses the payment page, they learn that they have a limited amount of time to purchase their key before the price is doubled--from around an initial cost of .99 Bitcoins, which is equivalent to about $430. While many websites claim that there are commands that will allow the user to skip the lock screen, the MFT will still be encrypted, and the files still useless. Additionally, there’s no guarantee that the decryption key provided upon payment will even solve the problem, potentially leaving the user short $430 and all of their digital files.

Business owners and human resource representatives need to be particularly alert, considering that the preferred method of dispersement for Petya is via email, specifically disguised as what would appear to be a message from someone seeking a job. The message contains a hyperlink that directs to a Dropbox containing a “resume” (an antivirus program-blinding Trojan containing Petya) and a stock photo. With these tactics, Petya had been plaguing German businesses, with no telling when it may spread.

Fortunately, a programmer has come up with a fix to remove Petya without paying any ransom after his father-in-law’s system was targeted. Thanks to some purported carelessness by the authors of this malware, the encryption is crackable. To do so, however, isn’t such a simple task - it requires a second, uninfected hard drive, for starters. So while Petya has been cracked, it is still better to not be a target in the first place.

So how does one avoid such an attack? Mainly vigilance, assisted by GTSS’s security solutions that help detect and block questionable sources. Call (803) 298-3008 for more information about products to keep your company safe from the cyber pirates flying a digital skull and bones.

Tip of the Week: The Top 5 Mistakes that Ruin Mobi...
It’s the End of the Line for Microsoft SQL Server ...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Saturday, 21 December 2024

Captcha Image

Blog Archive

2022
January
February
March
April
May
June
July
August
September
October
November
December
2021
January
February
March
April
May
June
July
August
September
October
November
December
2020
January
February
March
April
May
June
July
August
September
October
November
December
2019
January
February
March
April
May
June
July
August
September
October
November
December
2018
January
February
March
April
May
June
July
August
September
October
November
December
2015
January
February
March
April
May
June
July
August
October
November

Mobile? Grab this Article

QR Code
Request a Consultation

GTSS strives to provide the best comprehensive IT, Computer, and Networking services to small businesses. We can handle all of your organization's technology challenges.

Contact Us
Contact Us

Learn more about what GTSS can do for your business.

700 Gervais St. Suite 250,
Columbia, SC 29201

Call us: (803) 298-3008

Toll Free: (888) 511-9017

News & Updates
North Charleston, SC Feb 2021: The first port in North America to implement Cisco's FluidMesh Fluidity mobile solution for port operations at the South Carolina Ports Authority new Hugh Leatherman Terminal. The GTS Solutions, Inc. team was able ...