Ransomware Villains Petya And Mischa Form Unbeatable Team!
By Contel Bradford via StorageCraft
By now we know that ransomware operates by encrypting select files and demanding the victim pay a ransom to decrypt them. A pesky new strain called Petya takes a different approach to wreaking havoc. Instead of encrypting one file at a time, it locks down the whole machine by encrypting the master boot record, which contains all the data needed to load the operating system. Unable to launch the system, victims are forced to make some crucial decisions – fast! The ransom sum doubles after seven days. If you’re thinking Petya sounds like a piece of work, you literally haven’t heard the half of it.
Multiple sources are reporting that a new Petya strain has been unleashed, this time accompanied by a second piece of malware dubbed “Mischa.” When it first emerged on the scene, Petya needed administrative privileges to encrypt the MBR, crash the system and reboot it with the ransom note front and center. Without this access, it would halt the infection process and essentially give up. The latest version of Petya behaves differently: if the necessary privileges can’t be obtained, it simply introduces Mischa. And Mischa doesn’t require any special access to lock your system down with airtight AES encryption.