A ransomware Petya is making the rounds in Europe. It has already infected multiple organization in Europe. According to some security experts, the new ransomware attack is even larger attack than last month’s devastating WannaCry.
Some of the larger organizations currently known as being affected are Danish shipping giant Maersk and Russia’s largest oil producer, Rosneft.
Petya ransomware works by encrypting system files after rebooting the computer. So if your system is infected with Petya ransomware and it tries to restart, just do not power it back on. If you do not power on, files are fine. Use a LiveCD or external machine to recover files.
You should always be suspicious of unwanted files and documents sent over an email and should never click on links inside them unless verifying the source.PT Security, have discovered a Kill-Switch for Petya ransomware. The company has advised users to create a file i.e. “C:\Windows\perfc” to prevent ransomware infection.
It not clear yet whether Microsoft will release an update for Petya ransomware or not. Always run a good and effective anti-virus security suite on your system, and keep it up-to-date.
