Last Updated: 2017-06-27 15:04:50 UTC
by Brad Duncan (Version: 1)
Sent from a reader earlier today:
- Hearing some rumors that the company Merck is having a major virus outbreak with something new and their Europe networks are affected more than their US offices. Have you heard anything on this?
A quick check reveals that, apparently, another global ransomware attack is making the rounds today.
- Forbes: Another Massive Ransomware Outbreak Is Going Global Fast (2017-06-27 14:44 UTC)
- International Business Times: It's happening again: Huge ransomware attack on computer systems 'spreading worldwide' (updated 2017-06-27 14:23 UTC)
- The Verge: A new ransomware attack is devastating airlines, banks, and utilities across Europe (2017-06-27 14:01 UTC)
Initial reports indicate this is much like last month's WannaCry attack. According to the Verge article, today's ransomware appears to be a new Petya variant called Petyawrap. At this point, we see plenty of speculation on how the ransomware is spreading (everything from email to an EternalBlue-style SMB exploit), but nothing has been confirmed yet for the initial infection vector.
Alleged samples of this ransomware include the following SHA256 hashes:
AlienVault Open Threat Exchange (OTX) is currently tracking this threat at:
We'll provide more information as it becomes available.