RCL Systems Blog

RCL Systems has been serving the Bellaire area since 1986, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses

Alert: Petya Ransomware May Be the Worst Yet

Alert: Petya Ransomware May Be the Worst Yet

Once the file has been downloaded, Petya causes a Windows error and forces the system to endure the typical “blue screen of death,” causing a reboot. The computer will then display a red skull and crossbones, and a fraudulent “system check” infects and encrypts the master file table (MFT) with military-grade encryption protocol. This causes the computer to basically forget which files it has, and where they are stored.

Rather than closing access to particular files, Petya completely locks the user out of the system by overwriting the computer’s master boot record. The computer is essentially rendered useless by the user, who can’t even log in. Petya will display a list of demands, as well as how to meet them. As is the case with most ransomware, the ransom must be paid in Bitcoin. Once this has been done, the criminal supplies a decryption key that’s used to regain access to the files.

The initial cost for the decryption key is .99 Bitcoins, which is an estimated $430. However, paying for the decryption key isn’t that simple. Once the user accesses the payment page, they’re given a limited amount of time to access the key before the price is doubled. While there are some websites that claim there are commands that can allow users to skip the lock screen, the MFT will still be encrypted, rendering the files useless. Even if the user pays the ransom, there’s still no guarantee that the decryption key provided by the hackers will work. This is why we always suggest that you don’t pay the ransom, and instead contact a professional technician who can consult you on the situation.

In particular, business owners and human resources representatives who are responsible for the hiring procedure are the preferred targets. Petya is distributed through emails that are disguised as potential job seekers. The message will often contain a hyperlink that redirects to a Dropbox containing a resume, which is really just a Trojan horse containing Petya that’s capable of weaseling its way past your antivirus solution. Petya had been causing significant trouble for German businesses, but a programmer has found a solution. Admittedly, it’s a tricky solution to implement, but it’s still preferable to paying a ransom.

As is the case with most ransomware, your best chance of escaping unscathed is by dodging the attacks altogether. Ransomware is notoriously difficult to crack, even for seasoned IT veterans, but keeping a watchful eye on anything you find on the Internet can help you avoid infections. With RCL Systems’s security solutions, you can proactively detect and eliminate threats to your IT infrastructure. To learn more, give us a call at (281) 240-2777.

Tip of the Week: 5 Tips From the 90s That are Usel...
Forget Backdoors, Hackers Can Now Infiltrate Garag...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Monday, 23 December 2024

Captcha Image

Mobile? Grab this Article

QR Code

Customer Login


News & Updates

RCL Systems is proud to announce the launch of our new website at www.rcl.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what RCL Systems can do for your business.

RCL Systems
Houston, Texas