Jump to content

How to protect yourself against Petya malware


RV_

Recommended Posts

I am sure there are lots of folks that think they can afford to lose all that is on their computer. But as I harp on a lot it is critical today to do your patches! Lots of folks are still running XP and even though Microsoft issued a patch for this in March, and even for XP users too, folks just think they are under the radar. If you don't patch, don't complain about Microsoft, they aren't the problem.

Excerpt:

"How to protect against it

There are two ways Petya/GoldenEye attacks a computer. "The exploit attacks vulnerable Windows Server Message Block (SMB) service, which is used to share files and printers across local networks," said David Sykes, business security expert at Sophos. "Microsoft addressed the issue in its MS17-010 bulletin in March, but the exploit proved instrumental in the spread of WannaCry last month. The new Petya variant can also spread by using a version of the Microsoft PsExec tool in combination with admin credentials from the target computer."

These problems have been patched, but some people have not downloaded the fix, so it keeps spreading. Your first line of defense is to be sure you have the latest version of Windows: If you have automatic updates turned on, you're safe. The update should already be installed to your computer.

If you don't have auto update on, you can download the security update here:

Windows has a download page for all versions available here.

 

Next, make sure that your antivirus software is up to date. Most antivirus companies already have patches out that block Petya and this new version of it."

More in the article here:

https://www.cnet.com/how-to/petya-goldeneye-malware-ransomware-protect-yourself-against/?ftag=CAD3c77551&bhid=20640562413884385817807471581031

RV/Derek
http://www.rvroadie.com Email on the bottom of my website page.
Retired AF 1971-1998


When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius

 

“Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire

Link to comment
Share on other sites

It's worse!

The malware is now considered to be a "wiper infection" that wipes your drive with no hope of decrypting the data in an infected computer. The good news is the initial wave of the global attack is over, and patched/updated computers since March are safe for now.

Excerpt:

“We actually consider this a sabotage attack or wiper attack. Whether it is intentional or not, I’ll leave that to others to speculate,” said Juan Andres Guerrero-Saade, senior security researcher at Kaspersky Lab. “You can’t call an attack, with no possible way of decrypting files, a ransomware attack,” he said.

According to Comae Technologies researcher Matt Suiche, there is bug in the malware’s encryption code that prevents any decryption key from working. That is something independent of the fact the German email provider Posteo shut down the attacker’s email address preventing victims from contacting the attacker in order to have payments verified.

“The actual function to encrypt files contains a logic bug. Because of the way the malware encrypts the data, it makes it impossible to decrypt the files properly, assuming there was a decryption key,” Suiche said during the webinar.

The good news about the outbreak is the initial attack wave is over. Suiche said most of the damage from ExPetr has already been done. “So, if you haven’t been effected by now it’s very unlikely you are going to be,” he said. The initial infection, unlike WannaCry, was one big wave, he said."

 

More here: https://threatpost.com/expetr-called-a-wiper-attack-not-ransomware/126614/?utm_source=newsletter&utm_medium=Email&utm_campaign=tp daily digest

RV/Derek
http://www.rvroadie.com Email on the bottom of my website page.
Retired AF 1971-1998


When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius

 

“Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

RVers Online University

Giraffe G4.

mywaggle.com

campgroundviews.com

RV Destinations

Find out more or sign up for Escapees RV'ers Bootcamp.

Advertise your product or service here.

RVTravel.com Logo



×
×
  • Create New...