Auteur Sujet: [BC] Petya is back and with a friend named Mischa Ransomware  (Lu 640 fois)

0 Membres et 1 Invité sur ce sujet

Hors ligne chantal11

  • Admin Formation
  • Mega Power Members
  • ****
  • Messages: 22726
    • Windows 10 - Windows 8 - Windows 7 - Windows Vista
Bonjour,

Une fiche BleepingComputer sur le ransomware Petya / Mischa

Petya is back and with a friend named Mischa Ransomware


Citer
A new installer for Petya was released that also installs the Mischa Ransomware if it is unable to gain Administrative privileges.  In the past, when Petya was installed it requested Administrative privileges so that it could modify the master boot record. If it was unable to gain these privs, the installer would not do anything to the computer.  This has all changed, though, as now if the installer is unable to gain the required privs, it will instead install the Mischa Ransomware instead.


Unfortunately, at this time there is no way to recover your files for free, but it is always suggested that you attempt to use Shadow Explorer to see if your Shadow Volume Copies are intact. These can then possibly be used to restore older versions of the encrypted files. You can find information on how to do this in the Locky Information guide: http://www.bleepingcomputer.com/virus-removal/locky-ransomware-information-help#shadow.
 

Security-X


Hors ligne chantal11

  • Admin Formation
  • Mega Power Members
  • ****
  • Messages: 22726
    • Windows 10 - Windows 8 - Windows 7 - Windows Vista
Re : [BC] Petya is back and with a friend named Mischa Ransomware
« Réponse #1 le: mai 22, 2016, 08:41:25 »
Une autre fiche sur ce ransomware Petya / Mischa

The Petya and Mischa Ransomware are part of a new Affiliate Service

 

Tags: