Tuesday, March 29, 2016

Malware that messes with MBR - Ransom is $430



Once upon a time, users were scared of computer viruses. Then they expected IT to take care of them.
Now this scary ransomware is changing the game.
This time, it is a headache for both users and IT.


From the Article:

The malicious program will rewrite the computer’s MBR and will trigger a critical Windows error that will cause the computer to reboot—a condition known as a Blue Screen of Death (BSOD).

Following this initial reboot, the rogue MBR code will display a fake Windows check disk operation.

During this operation, the ransomware actually encrypts the master file table (MFT). 

Petya does not encrypt the file data itself, which would take a long time for an entire hard drive, but by encrypting the MFT the OS will no longer know where the files are located on disk.

After the MFT encryption is done, the rogue Petya MBR code will display the ransom message accompanied by a skull drawn in ASCII characters. The message instructs users to access the attackers’ decryption site on the Tor anonymity network and provides them with a unique code that identifies their computer.

The price for the key required to decrypt the MFT is 0.99 bitcoins (BTC), or around US$430.
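
Since the first step described above is an overwrite of the MBR, a defender can baseline sector 0 and flag any change to its bootstrap code. The following is an added example, not code from this post or the quoted article; the function names and the sample sectors are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_END = 440          # bytes 0..439 hold the bootstrap code
PART_TABLE_OFF = 446         # four 16-byte partition entries follow
BOOT_SIG = b"\x55\xaa"       # required at offset 510


def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR sector into the fields a defender baselines."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    partitions = []
    for i in range(4):
        entry = sector[PART_TABLE_OFF + 16 * i: PART_TABLE_OFF + 16 * (i + 1)]
        status, _chs0, ptype, _chs1, lba, count = struct.unpack("<B3sB3sII", entry)
        if ptype != 0:  # type 0x00 marks an unused slot
            partitions.append({"bootable": status == 0x80, "type": ptype,
                               "lba_start": lba, "sectors": count})
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_END]).hexdigest(),
        "signature_ok": sector[510:512] == BOOT_SIG,
        "partitions": partitions,
    }


def compare_to_baseline(baseline: dict, current: dict) -> list:
    """Return the names of MBR fields that differ from the recorded baseline."""
    return [k for k in ("boot_code_sha256", "signature_ok", "partitions")
            if baseline[k] != current[k]]


def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed sample sector: one bootable NTFS (0x07) partition at LBA 2048."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00" * 3, 0x07, b"\x00" * 3, 2048, 204800)
    body = boot_code.ljust(BOOT_CODE_END, b"\x00") + b"\x00" * 6
    return body + entry + b"\x00" * 48 + BOOT_SIG


if __name__ == "__main__":
    # Both boot-code strings are constructed placeholders, not real loader bytes.
    clean = parse_mbr(build_sample_mbr(b"\xeb\x63\x90constructed-good-loader"))
    tampered = parse_mbr(build_sample_mbr(b"\xfa\x66\x31constructed-other-loader"))
    print("changed fields:", compare_to_baseline(clean, tampered))
```

The partition table can look untouched while the bootstrap code has been replaced, which is why the boot-code hash is recorded separately from the partition entries.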


Check here for more info:
