Petya-Like Ransomware Attack: Virus Affects Large Networks Around the World
Another malware that is identified as a Petya-like ransomware is affecting several networks around the globe.
Not long after the massive WannaCry ransomware attack tormented the world, a new kind of malware is quickly spreading across private networks of organizations and corporations worldwide.
According to IT security experts (via Medium), the ransomware is called as such since it "is camouflaged to look like the infamous Petya ransomware" but added that "it has an extremely poor payment pipeline."
However, cybersecurity analysts want to establish the significant difference between the latest malware and Petya.
The Medium blog added: "The superficial resemblance to Petya is only skin deep. Although there is significant code sharing, the real Petya was a criminal enterprise for making money. This is definitely not designed to make money. This is designed to spread fast and cause damage, with a plausibly deniable cover of 'ransomware.'"
According to reports, hackers were able to embed the malware into a software update code for an accounting program used by many companies linked to or working with Ukrainian government agencies.
This explains why Ukrainian organizations and institutions were the first ones who got hit by the Petya-like malware. Even the Chernobyl nuclear power plant in the country was attacked, where its radiation monitoring system went offline and employees had to use hand-held counters
The strength of the Petya-like malware appears to be its ability to spread at a relatively fast pace. It did not take long for the ransomware to get into the servers of the biggest oil companies in Russia. However, there were reports that the oil companies' superior cybersecurity mechanism kept them from experiencing a server shutdown.
Added to that, some networks in Australia — such as that of a global law firm's — have also been reportedly attacked. The servers of a Tasmania-based Cadbury chocolate factory were also downed on Tuesday evening.
In a report by Australian news outlet ABC, Cadbury provided a photo of how their computer screens looked like after the Petya-like ransomware crept into their machines. The hackers had demanded a ransom of $300 in Bitcoin currency before they supposedly bring back the files and the computer network.
Global shipping company Maersk was also taken down by the Petya-like worm. Maersk decried the malware attack on Twitter and said it is "affecting multiple businesses." The company also confirmed that they were forced to shut down their systems for drilling, oil, and tanker services following the cyber attack.