Security-X
Forum Security-X => Sécurité Générale => Malwares => Discussion démarrée par: chantal11 le mai 22, 2016, 08:39:38
-
Bonjour,
Une fiche BleepingComputer sur le ransomware Petya / Mischa
Petya is back and with a friend named Mischa Ransomware (http://www.bleepingcomputer.com/news/security/petya-is-back-and-with-a-friend-named-mischa-ransomware/)
A new installer for Petya was released that also installs the Mischa Ransomware if it is unable to gain Administrative privileges. In the past, when Petya was installed it requested Administrative privileges so that it could modify the master boot record. If it was unable to gain these privs, the installer would not do anything to the computer. This has all changed, though, as now if the installer is unable to gain the required privs, it will instead install the Mischa Ransomware instead.
Unfortunately, at this time there is no way to recover your files for free, but it is always suggested that you attempt to use Shadow Explorer to see if your Shadow Volume Copies are intact. These can then possibly be used to restore older versions of the encrypted files. You can find information on how to do this in the Locky Information guide: http://www.bleepingcomputer.com/virus-removal/locky-ransomware-information-help#shadow.
-
Une autre fiche sur ce ransomware Petya / Mischa
The Petya and Mischa Ransomware are part of a new Affiliate Service (http://www.bleepingcomputer.com/news/security/the-petya-and-mischa-ransomwares-part-of-a-new-affiliate-service/)