Petya Ransomware

29 June 2017
Author :  

A new ransomware variant known as Petya began sweeping across the globe

 

Yesterday on 28/7/2017 , a new ransomware variant known as Petya began sweeping across the globe, impacting a wide range of industries and organizations,

impacting a wide range of industries and organizations, including critical infrastructure such as energy, banking, and transportation systems.

This variant is part of a new wave of multi-vector ransomware attacks that Fortinet is calling “ransomworm”, which takes advantage of timely exploits. The ransomworm is designed to move across multiple systems automatically, rather than stay in one place. It appears that the Petya ransomworm is using similar current vulnerabilities that were exploited during the recent Wannacry attack.

This variant, however, rather than focusing on a single organization, uses a broad-brush approach that targets any device it can find that its attached worm is able to exploit. It appears that this attack started with the distribution of an Excel document that exploits a known Microsoft Office exploit. Because additional attack vectors were used in this exploit, patching alone would have been inadequate to completely stop this exploit, which means that patching needs to be combined with good security tools and practices

Fortinet customers were protected from all attack vectors, as they were detected and blocked by our ATP, IPS, and NGFW solutions. In addition, our AV team issued a new antivirus signature within a few hours of the discovery to enhance the first line of defense. 

 

88 Views
Super User
  • Amman,Jordan
  • +962-6-5652003
  • +962-6-5639703
  • This email address is being protected from spambots. You need JavaScript enabled to view it.
  • This email address is being protected from spambots. You need JavaScript enabled to view it.

Recent Projects

Contact Us

  Mail is not sent.   Your email has been sent.
Top
We use cookies to improve our website. By continuing to use this website, you are giving consent to cookies being used. Cookie policy. I accept cookies from this site. Agree