密市房产经纪 benn ylin
教育培训
永恒装修公司
保险经纪Vince&Mary
广告招租
杨教练
51新楼花专家 美资房企高管 Davik Zhu

加拿大密西沙加华人网™

 找回密码
 注册

Kaspersky Lab: new ransomware attack 'likely to grow even more'

2017-6-29 05:07| 发布者: leedell| 查看: 81| 评论: 0|来自: Xinhua

摘要: Kaspersky Lab said Wednesday that the new ransomware attack that started a day ago "is likely to grow even more." In an updated blog posting, the multinational cybersecurity and anti-virus services p ...

Kaspersky Lab said Wednesday that the new ransomware attack that started a day ago "is likely to grow even more."

In an updated blog posting, the multinational cybersecurity and anti-virus services provider said its experts concluded that the new malware is significantly different from all earlier known versions of Petya, a family of encrypting ransomware that was first discovered in 2016.

Petya targets Microsoft Windows-based software systems, infecting the master boot record to execute a payload that encrypts the file table with the New Technology File System (NTFS) format, which is used by current Windows versions for storing and retrieving files on a hard disk or other data storage devices, demanding a payment in Bitcoin in order to regain access to the system.

Unofficially, the author of the posting noted, "we've named it ExPetr or NotPetya."

"The attack appears to be complex, involving several attack vectors," according to the posting. "We can confirm that a modified EternalBlue exploit is used for propagation, at least within corporate networks."

EternalBlue, generally believed to have been developed by the U.S. National Security Agency (NSA) to exploit a vulnerability in Microsoft's implementation of the Server Message Block (SMB) protocol, was made available on the internet by the Shadow Brokers hacker group on April 14.

Although it was patched by Microsoft on March 14, EternalBlue was used as part of the worldwide WannaCry ransomware attack on May 12.

As in the WannaCry case, the attacker behind the new ransomware tried to extort payment equivalent to 300 U.S. dollars in Bitcoin, a cryptocurrency, from its victims for what the attacker called a "decryption key."

However, notifying it does not advocate paying the ransom, Kaspersky Lab said German email service provider Posteo has already shut down the email address that victims were supposed to use to contact blackmailers and send Bitcoins, and from which they would receive decryption keys; therefore, with the email address blocked, victims won't be able to pay the criminals or get their files back.

While the cybercriminals behind the new ransomware target mostly big enterprises, and home users seem to be less affected by the threat, Kaspersky Lab recommends its customers to back up data, manually update the antivirus databases and install all security updates for Windows.

最新评论

地产经纪:朱加瑞
明信会计事务所
海外旅游
汽车房屋保险
CIK电讯
加嘉旅游
广告招租
孚美汽车修护
驾车教练:林教练
雪佛兰专卖店
多咨处咨询集团
密西沙加移民公司
广告招租
广告招租

广告合作(Contact Us)|关于我们|小黑屋|手机版|Archiver|加拿大密西沙加华人网

GMT-4, 2024-11-1 02:36

Powered by Discuz! X3.4 Licensed

Copyright © 2001-2021, Tencent Cloud.

返回顶部