Author: Brandon Vigliarolo / Source: TechRepublic
A new ransomware attack is claiming victims, both private and governmental, around the world.
It has struck heavily in Ukraine, where the interior ministry is calling it the largest cyberattack in the nation’s history. It’s also hit Denmark, Russia, the UK, and many signs point to it being worse than last month’s WannaCry attack.
What makes the latest attack, a clone of the GoldenEye variant of the Petya family, even worse is how it operates: Using the same security flaw that enabled WannaCry to infect computers. How was GoldenEye able to go global despite widespread coverage of its predecessor?
What GoldenEye/Petya is
While it’s still too early to determine the full extent of the damage this outbreak has caused, security research firm Bitdefender has identified the ransomware and knows what it’s capable of.
SEE: The Four Volume Cyber Security Bundle (TechRepublic Academy)
This latest attack is using a nearly identical clone of GoldenEye, itself a member of the Petya family of ransomware. Petya, like other ransomware variants, encrypts files and makes users pay to get them back.
GoldenEye goes one step further, however: It encrypts files and NTFS structures, meaning infected computers won’t even boot up. They simply load a notice of infection and instructions on how to pay the ransomers.
Where GoldenEye/Petya has been discovered
This latest attack, much like WannaCry, has hit some major…
Click here to read more