HomeWinBuzzer NewsWindows Threat: Petya Ransomware Targeting Users

Windows Threat: Petya Ransomware Targeting Users

-

's continued growth seems to be continuing despite efforts to warn users about the type of that encrypts files and systems until a user pays a fee to unlock it.

We have reported on several ransom attacks in recent weeks, including the first ever such attack on Apple's OS X platform.

On Windows ransomware is more common and a growing concern, and a new type of attack called Petya has been described by G DATA Software.

Petya causes problems by encrypting a user's hard drive, which is a twist on the ransomware idea by shutting down a whole hard drive instead of an individual files.

This means that user's infected by Petya will see their entire machines closed to the ransomware, starting for the operating system boot process. As is often the case with ransomware, the attack is distributed through an email message that claims to be offering a job proposal.

Petya-GDATA-Ransomware

While attacks of this kind usually have an infected attachment, Petya is distributed by a hosted resume on a Dropbox cloud service. User's think they are heading to the legitimate cloud destination to apply for the job post offered, but instead the hyper link just leads to a Trojan Horse that then plants the Petya ransomware on a system.

Once embedded into the system, the Petya Trojan Horse gets to work and changes the master boot record of the OS, which in turn makes the system crash. When the machine is restarted the boot will look like 's Check Disk utility, but it will actually be Petya's initiation process mimicking Microsoft's service, allowing the ransomware to be installed.

With the installation process complete, a skull will appear with just a single keystroke possible for a user to continue. The ransomware will explain that the machine is infected and that the user should pay a fee for a recovery key to unlock the data.

The obvious way to avoid Petya or indeed most ransomware attacks is to avoid opening attachments or links in emails from an unknown sources.

SOURCE: G DATA

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News