Sup! You must login or signup first!

Maxresdefault

Submission   6,862

Part of a series on Ransomware. [View Related Entries]

Overview

The 2017 Peyta Ransomware Attack refers to a global cyber attack using the Peyta family of encrypting malware, which infects the master boot record on Microsoft Windows systems to force a reboot and demand a payment in bitcoin to remove encryption of system files.

Background

In March 2016, early variations of Peyta were initially discovered, followed by an additional variant with a secondary payload the following month.[1] On June 27th, 2017, a new variant of Petya was launched in a global cyber attack, primarly targeting companies in Russia and the Ukraine, most notably infecting the National Bank of Ukraine. The malware subsequently infected machines across France, Germany, Italy, Poland, United Kingdom and the United States.

Developments

Investigation

The Cisco security division Talos speculated that the malware circulated through a vulnerability in the Ukrainian tax accounting package MeDoc, which downloaded Peyta as an update.

Ukrainian Response on Twitter

On June 27th, the official Twitter account for the Ukraianian government posted an animated "This Is Fine": GIF along with a message announcing that many of the country's government agencies and private firms were hit by the virus (shown below). Within 48 hours, the tweet gathered more than 10,300 likes and 7,700 retweets.


Online Reaction

Also on June 27th, a post about the ransomware reached the front page of /r/technology,[2] gathering upwards of 3,300 points (94% upvoted) and 600 comments within 48 hours. Meanwhile, the United Kingdom-based information assurance firm NCC Group[4] published a live-updated blog regarding the ransomware attack, which subsequently reached the front page of /r/netsec.[3]

Search Interest

External References



Share Pin

Related Entries 3 total

Wanadecrypt0r
WannaCry Ransomware Attack
Cover3
2021 U.S. East Coast Gas Shor...
Cryptolocker_program
CryptoLocker Ransomware Attack

Recent Images 0 total

There are no recent images.


Recent Videos 0 total

There are no recent videos.




Load 9 Comments
2017 Peyta Ransomware Attack

2017 Peyta Ransomware Attack

Part of a series on Ransomware. [View Related Entries]

Updated Jun 29, 2017 at 12:43PM EDT by Don.

Added Jun 29, 2017 at 09:21AM EDT by Don.

PROTIP: Press 'i' to view the image gallery, 'v' to view the video gallery, or 'r' to view a random entry.

This submission is currently being researched & evaluated!

You can help confirm this entry by contributing facts, media, and other evidence of notability and mutation.

Overview

The 2017 Peyta Ransomware Attack refers to a global cyber attack using the Peyta family of encrypting malware, which infects the master boot record on Microsoft Windows systems to force a reboot and demand a payment in bitcoin to remove encryption of system files.

Background

In March 2016, early variations of Peyta were initially discovered, followed by an additional variant with a secondary payload the following month.[1] On June 27th, 2017, a new variant of Petya was launched in a global cyber attack, primarly targeting companies in Russia and the Ukraine, most notably infecting the National Bank of Ukraine. The malware subsequently infected machines across France, Germany, Italy, Poland, United Kingdom and the United States.

Developments

Investigation

The Cisco security division Talos speculated that the malware circulated through a vulnerability in the Ukrainian tax accounting package MeDoc, which downloaded Peyta as an update.

Ukrainian Response on Twitter

On June 27th, the official Twitter account for the Ukraianian government posted an animated "This Is Fine": GIF along with a message announcing that many of the country's government agencies and private firms were hit by the virus (shown below). Within 48 hours, the tweet gathered more than 10,300 likes and 7,700 retweets.




Online Reaction

Also on June 27th, a post about the ransomware reached the front page of /r/technology,[2] gathering upwards of 3,300 points (94% upvoted) and 600 comments within 48 hours. Meanwhile, the United Kingdom-based information assurance firm NCC Group[4] published a live-updated blog regarding the ransomware attack, which subsequently reached the front page of /r/netsec.[3]

Search Interest

External References

Recent Videos

There are no videos currently available.

Recent Images

There are no images currently available.


Top Comments


+ Add a Comment

Comments (9)


Display Comments

Add a Comment