New ransomware virus with name “GoldenEye” or “Petya” has striked the world. Ransomware is a type of malware that prevents or limits users from accessing their systems, either by locking the screen or by locking the users’ files unless a ransom is paid.
This cyber attack disrupted computers at Russia’s biggest oil company, Ukrainian banks and multinational firms.
Operations at one of the three terminals of Jawaharlal Nehru Port (JNPT) in Mumbai, India’s largest container port, were disrupted.
The ransomware virus crippled computers running Windows by encrypting hard drives and overwriting files, then demanded $300 in bitcoin payments to restore access.
GoldenEye is combination of Petya and MISCHA ransomware-type viruses.
It included code known as “Eternal Blue,” which cyber security experts widely believe was stolen from the U.S. National Security Agency and was also used in last month’s ransomware attack, named “WannaCry.”
Ransomware can arrive from different file types including .DOC (Microsoft Word), .XLS (Microsoft Excel), .JPG (a photo format), .ZIP (a compressed file/folder), .PDF (Portable Document Format), and other commonly used file extensions. It can also arrive on system in Javascript attachments.
Cyber security experts have warned that this time the virus is much more dangerous because it is designed to spread rapidly though networks.
GoldenEye /Petya operators have already received 13 payments in almost two hours. That is $3.5K USD worth in digital currency.
Microsoft released patches for all Windows operating systems after the global outbreak, but people who’ve updated their computers could still be affected.
Just like WannaCry attacks a couple of months ago, both GoldenEye and Petya effect only Windows PCs and not Mac users.
