Good news for some ransomware victims: The master key used to encrypt the original versions of Petya ransomware has been released. But the key cannot be used to decrypt the "NotPetya" malware that recently began crypto-locking PCs.
The latest edition of ISMG Security Report leads with a conversation with DataBreachToday Executive Editor Mathew J. Schwartz on how the NotPetya malware spread from its Ukraine origins. Also, why tech users can't secure their systems.
Police in Ukraine have seized servers operated by the Intellect Service, which develops the M.E. Doc accounting software used by 80 percent of Ukrainian businesses. Attackers backdoored the software to launch XData, NotPetya and fake WannaCry - aka FakeCry - malware campaigns.
The NotPetya outbreak - and XData ransomware before it - have been traced by security researchers at ESET to backdoored M.E. Doc accountancy software. The installed software contains a unique tax identification code for each user's organization, potentially aiding attackers.
Firms in Ukraine and beyond are still struggling to bring all systems back online following last week's devastating "NotPetya" malware outbreak. Authorities in Ukraine have blamed Russia, and said criminal charges could be filed against a Ukrainian software vendor caught up in the attack.
Ransomware attacks are increasingly using multiple proven techniques to spread quickly and achieve the maximum impact before being thwarted. They are going to get bigger and target other platforms in the future, warns Justin Peters at Sophos APAC.
NotPetya was not as bad as WannaCry, despite NotPetya being even more sophisticated, and targeting the same EternalBlue flaw that had allowed WannaCry to spread far and fast. Microsoft says NotPetya's builders limited its attack capabilities by design.
As the WannaCry outbreak demonstrated, many organizations run outdated operating systems. Too often when systems - and especially embedded devices - still function, there isn't a convincing business case for upgrading. ESET's Mark James asks: Whose fault is that?
When malware comes gunning for your national health service, you're going to take it personally. And that's just one reason why the WannaCry outbreak in particular boosted cybersecurity awareness in the U.K. and around the world, says Barracuda's Hatem Naguib.
As the count of NotPetya victims grows, Ukraine warns that it's also being targeted with a new WannaCry lookalike that hit state power distributor Ukrenergo. Security researchers say that marks the fourth recent campaign targeting Ukraine that's based on lookalike ransomware.
The latest edition of the ISMG Security Report leads with an analysis exploring how artificial intelligence can be used by hackers to threaten IT systems and by organizations to defend critical digital assets. Also, a deep dive into the NotPetya ransomware attack.
Deducing intent from malware code is tricky, but computer security experts appear to agree that the latest wave of file-encrypting malware was never designed to make its creators rich. Instead, it's intended to destroy disks.
Malware known as NotPetya, SortaPetya or GoldenEye continues to spread globally, infecting endpoints via leaked Equation Group exploits as well as built-in Windows tools. Here's a roundup of what we know about the supposed ransomware and its spread so far.