A sizeable ransomware attack is currently affecting computer networks throughout Eastern Europe and the UK.
The virus, named Petya (NotPetya/SortaPetya/Petna), encrypts the hard drives of infected computers, requiring the owners to pay a fee to re-gain access to their files.
It is understood that once active this virus DOES NOT need to be spread by unsuspecting users, and is capable of travelling through networks by itself.
Once an infected file has been opened within a network, the virus will seek and encrypt every vulnerable computer it comes across.
Most viruses are spread by ‘phishing’ – the practice of sending emails that appear to be from legitimate sources (bank, Facebook etc), and it can be very difficult to tell fake emails from real ones.
We advise clients to get in touch if they receive emails from Maverick Numismatics that appear unusual or unexpected.
We operate on Apple Mac OS, which is currently unaffected by the virus, so we don’t anticipate any problems. However, we are following the story, and increasing our vigilance, and advise you to do the same.
General advice is to update Windows to the latest security patches on all your computers, and to be extrra vigilant about opening files or clicking links within emails.
As of this morning, it is understood that email addresses associated with the ransom Bitcoin wallet have been shut down, so the advice is NOT to pay the ransom if your computer is infected, as the perpetrators probably won’t receive it.
A researcher, named Amit Serper has found a method of preventing the virus from activating. It’s a simple process, that can be achieved by any reasonably competent user. Full details and instructions can be found here on Bleepingcomputer blog.