Germany's BSI says Petya malware used in cyber attacks

Share

The new virus has a fake Microsoft digital signature appended to it and the attack is spreading to many countries, Costin Raiu, director of the global research and analysis team at Moscow-based Kaspersky Lab, said on Twitter.

"This is why we have named it NotPetya".

A Ukrainian media company said its computers were blocked and it was asked to pay US$300 in the crypto-currency bitcoin to regain access.

Russian Federation and Ukraine were most affected, with other victims spread across countries including Britain, France, Germany, Italy, Poland and the United States, the security software maker said.

Ido Naor, Kaspersky's senior security researcher in Israel, told the Ynet news website that the attack had also targeted some firms in Israel, without disclosing additional details. The attack had little effect on US networks, which one expert suspected was because older computers did not have the necessary security updates to stop the attack.

"The Mondelez International network is experiencing a global IT outage".

DLA Piper is dealing with a ransomware attack on Tuesday that is apparently affecting offices in the United States, Europe and the Middle East.

"We confirm our company's computer network was compromised today as part of global hack", the company tweeted. "Other organizations have also been affected", Merck said on Twitter.

While experts can not definitively say where that attack originated, information hidden in the code used to run in pointed to the involvement of North Korea.

International Yoga Day 2017
Even as an enthusiastic crowd chanted "Modi Modi" and "Bharat Mata Ki Jai", he shrugged off his security cordon to join the students assembled in the main arena.

Everton 'beat Arsenal' to sign Nigeria attacker
Henry, who scored 22 goals in 38 games for Belgium's KAS Eupen last season, will, however, be loaned to Anderlecht next season. Onyekuru is expected to spend next season on loan at Anderlecht as he does not yet qualify for a work permit in the UK.

Uber's New Feature Lets Users Request Rides For Other People
Customers can then select a rider from their address book, set a destination and request the ride. But now a new "who will be riding?"prompt allows you to add someone else by name or number".

Ukraine was particularly badly hit, with Prime Minister Volodymyr Groysman describing the attacks on his country as "unprecedented".

"The firm, like many other reported companies, has experienced issues with some of its systems due to suspected malware", the company said in a statement to the publication.

Chernobyl became the site of the world's worst nuclear disaster in 1986 when the plant suffered a meltdown.

Reporting from UK-based newspaper The Telegraph describes a cyberattack that has crippled firms, airports, banks and government departments in Ukraine, with Danish and Spanish multi-national firms also paralyzed by the attack.

The attacks on Russian and Ukrainian companies involved a type of ransomware that locks users out of the computer and demands purchase of a key to reinstate access, said cybersecurity company Group IB. Users typically have to pay a $300 Bitcoin ransom to decrypt their files.

The headquarters of shipping company A.P. Moller-Maersk in Copenhagen, Denmark. "By midafternoon, breaches had been reported at computers governing the municipal energy company and airport in Ukraine's capital, Kiev, the state telecommunications company Ukrtelecom, the Ukrainian postal service and the State Savings Bank of Ukraine".

The minister said the attackers are essentially trying to rob people of money and the government will be doing everything it can to prevent an attack here. It said it avoided any impact on oil production by switching to backup systems.

There are various channels through which a ransomware could land on the system, noted Sharda Tickoo, Technical Head at Trend Micro, India, in a 15 May note when the WannaCry malware broke out.

"Cyber-criminals are exploiting the fact that companies have very limited visibility behind their firewalls", said Sahir Hidayatullah, CEO of Smokescreen Technologies, a cybersecurity company.

Share