'Petya' ransomware attack: what is it and how can it be stopped?
    July 1, 2017, 7:16 a.m. Posted by: aka56

    What is ransomware?

    Ransomware is a type of malware that blocks access to a computer or its data and demands money to release it.

    How does it work?

    When a computer is infected, the ransomware encrypts important documents and files and then demands a ransom, typically in Bitcoin, for a digital key needed to unlock the files. If victims don’t have a recent back-up of the files they must either pay the ransom or face losing all of their files.

    How does the “Petya” ransomware work?

    The ransomware takes over computers and demands $300, paid in Bitcoin. The malicious software spreads rapidly across an organization once a computer is infected using the EternalBlue vulnerability in Microsoft Windows (Microsoft has released a patch, but not everyone will have installed it) or through two Windows administrative tools. The malware tries one option and if it doesn’t work, it tries the next one. “It has a better mechanism for spreading itself than WannaCry,” said Ryan Kalember, of cybersecurity company Proofpoint.

    More details, please refer to the following link below.


    https://www.theguardian.com/technology/2017/jun/27/petya-ransomware-cyber-attack-who-what-why-how