Wide-scale Petya variant ransomware attack noted
Sent from a reader earlier today:
- Hearing some rumors that the company Merck is having a major virus outbreak with something new and their Europe networks are affected more than their US offices. Have you heard anything on this?
A quick check reveals that, apparently, another global ransomware attack is making the rounds today.
- Forbes: Another Massive Ransomware Outbreak Is Going Global Fast (2017-06-27 14:44 UTC)
- International Business Times: It's happening again: Huge ransomware attack on computer systems 'spreading worldwide' (updated 2017-06-27 14:23 UTC)
- The Verge: A new ransomware attack is devastating airlines, banks, and utilities across Europe (2017-06-27 14:01 UTC)
Initial reports indicate this is much like last month's WannaCry attack. According to the Verge article, today's ransomware appears to be a new Petya variant called Petyawrap. At this point, we see plenty of speculation on how the ransomware is spreading (everything from email to an EternalBlue-style SMB exploit), but nothing has been confirmed yet for the initial infection vector.
Alleged samples of this ransomware include the following SHA256 hashes:
- 027cc450ef5f8c5f653329641ec1fed91f694e0d229928963b30f6b0d7d3a745
- 8143d7d370015ccebcdaafce3f399156ffdf045ac8bedcc67bdffb1507be0b58
AlienVault Open Threat Exchange (OTX) is currently tracking this threat at:
We'll provide more information as it becomes available.
Keywords:
6 comment(s)
×
Diary Archives
Comments
Anonymous
Jun 27th 2017
7 years ago
https://dshield.org/forums/diary/It+has+been+a+month+and+a+bit+how+is+your+new+patching+program+holding+up/22540/
Anonymous
Jun 27th 2017
7 years ago
https://www.bleepingcomputer.com/news/security/wannacry-d-j-vu-petya-ransomware-outbreak-wreaking-havoc-across-the-globe/
theREGISTER
http://www.theregister.co.uk/2017/06/27/ransomware_outbreak_hits_ukraine/
NAKED Security (Sophos):
https://nakedsecurity.sophos.com/2017/06/27/breaking-news-what-we-know-about-the-global-ransomware-outbreak/
SECURITY Week:
http://www.securityweek.com/petya-ransomware-outbreak-hits-organizations-globally
MOTHERboard
https://motherboard.vice.com/en_us/article/qv4gx5/a-ransomware-outbreak-is-infecting-computers-across-the-world-right-now
BBC
http://www.bbc.com/news/technology-40416611
RECORDED Future stats show an uptick today
Anonymous
Jun 27th 2017
7 years ago
Anonymous
Jun 27th 2017
7 years ago
--
Regards Falk
Anonymous
Jun 27th 2017
7 years ago
Anonymous
Jun 29th 2017
7 years ago