Security-X

Forum Security-X => Sécurité Générale => Malwares => Discussion démarrée par: chantal11 le avril 09, 2016, 16:15:17

Titre: [BC] Petya Ransomware skips the Files and Encrypts your Hard Drive Instead
Posté par: chantal11 le avril 09, 2016, 16:15:17
Bonjour,

Une fiche BleepingComputer sur le ransomware Petya :

Petya Ransomware skips the Files and Encrypts your Hard Drive Instead (http://www.bleepingcomputer.com/news/security/petya-ransomware-skips-the-files-and-encrypts-your-hard-drive-instead/)

Citer
Typically, when a user becomes infected by a crypto-ransomware, the infection targets and encrypts the files on the victim's hard drives.  This leaves the operating system working properly, but with the user unable to open the encrypted documents. The Petya Ransomware takes it to the next level by encrypting portions of the hard drive itself that make it so you are unable to access anything on the drive, including Windows. At the time of this writing, the ransom payments are at ~.9 bitcoins and there is no way to decrypt your drive for free.

This ransomware is currently being distributed via emails that are targeting the human resources departments of German companies.  These emails contain dropbox links to supposed applications that download a file that when executed will install the Petya Ransomware on the computer. An example filename for the installer is Bewerbungsmappe-gepackt.exe.