Direct Technology Group Blog

Direct Technology Group provides professional IT Support and Network Services for Businesses around Deerfield Beach. Computer Services, Tech Support, IT Solutions and more!

Alert: New Petya Ransomware Spreads via Fake Online Resumes

Alert: New Petya Ransomware Spreads via Fake Online Resumes

Next time you see an unsolicited resume in your email, it’s worth scrutinizing before you just click on it. It could be a nasty new ransomware called Petya.

Petya is a particularly mean-spirited ransomware that hackers use to extort money from their victims. Infection begins with a Windows error, followed by the typical “blue screen of death” reboot, and displays a red skull and crossbones. As the computer restarts, a fraudulent “system check” allows the infection to encrypt the master file table (MFT), so the computer more or less “forgets” where, or even which, files it has.

In addition to doing this, instead of barring access from particular files, Petya locks the user out of their system entirely by overwriting their computer’s master boot record. Once this happens, the computer is rendered useless (you can’t even log in), only displaying a list of demands, an online address to appease those demands in Bitcoin, and finally, a decryption code to regain access to the files.

When the user accesses the payment page, they learn that they have a limited amount of time to purchase their key before the price is doubled--from around an initial cost of .99 Bitcoins, which is equivalent to about $430. While many websites claim that there are commands that will allow the user to skip the lock screen, the MFT will still be encrypted, and the files still useless. Additionally, there’s no guarantee that the decryption key provided upon payment will even solve the problem, potentially leaving the user short $430 and all of their digital files.

Business owners and human resource representatives need to be particularly alert, considering that the preferred method of disbursement for Petya is via email, specifically disguised as what would appear to be a message from someone seeking a job. The message contains a hyperlink that directs to a Dropbox containing a “resume” (an antivirus program-blinding Trojan containing Petya) and a stock photo. With these tactics, Petya had been plaguing German businesses, with no telling when it may spread.

Fortunately, a programmer has come up with a fix to remove Petya without paying any ransom after his father-in-law’s system was targeted. Thanks to some purported carelessness by the authors of this malware, the encryption is crackable. To do so, however, isn’t such a simple task - it requires a second, uninfected hard drive, for starters. So while Petya has been cracked, it is still better to not be a target in the first place.

So how does one avoid such an attack? Mainly vigilance, assisted by Direct Technology Group’s security solutions that help detect and block questionable sources. Call (954) 739-4700 for more information about products to keep your company safe from the cyber pirates flying a digital skull and bones.

Tip of the Week: The Top 5 Mistakes that Ruin Mobi...
It’s the End of the Line for Microsoft SQL Server ...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, 07 November 2024

Captcha Image

Blog Archive

2014
January
February
March
April
May
June
July
August
September
October
November

Mobile? Grab this Article

QR Code
Request a Consultation

Direct Technology Group strives to provide the best comprehensive IT, Computer, and Networking services to small businesses. We can handle all of your organization's technology challenges.

Contact Us
Contact Us

Learn more about what Direct Technology Group can do for your business.

1358 W Newport Center Dr
Deerfield Beach, Florida 33442

Call us: (954) 739-4700

News & Updates
Direct Technology Group is proud to announce the launch of our new website at www.directtechnologygroup.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...