How to Prevent the NotPetya/Petya Ransomware

in #virus7 years ago (edited)

What is Petya Ransomware?
Like any ransomware variant, it will encrypt your files and disrupt firms all over the globe. The virus gives a ransom of $300 worth of bitcoin to get back a digital key needed decrypt your files. This strain of malware seeds itself internally in devices, especially servers, and spreads like wildfire infecting other nodes on the network.
DO NOT NEGOTIATE, THEY WILL NOT GIVE YOU THE KEY.

Researchers are coming to the conclusion that this malware is not particularly ransomware and proclaiming it to be used more as a disruptive weapon. More included about this in the hyperlink.
https://www.bleepingcomputer.com/news/security/surprise-notpetya-is-a-cyber-weapon-its-not-ransomware/

The Fix
Researchers discovered that this malware searches for a local file and then exits its encryption routine if that file is already present on the disk.
The vaccination for your computer/server is simple enough (That’s what this is, only a vaccination for this variant of ransomware). To stop the current strain of NotPetya/Petya/Petna (yeah, this naming is annoying), simply create a file called perfc in the C:\Windows folder and make it read only. I’d advise creating both a .dll and .dat extension. Another more extreme solution would be to have your Windows OS on a different partition of your hard drive instead of C:/.

Hope you all enjoyed this and take control of your security!

Coin Marketplace

STEEM 0.27
TRX 0.21
JST 0.038
BTC 95523.20
ETH 3621.80
USDT 1.00
SBD 3.77