Petya ransomware swarms European and US companies

Just a short month after the WannaCry ransomware hit computer systems worldwide, a new wave of cyberattacks have now lashed out in both the US and Europe. Early reports of this new attack indicate that elements of code known as “Eternal Blue” were used.

“Eternal Blue” code is believed by many to have been stolen from the US National Security Agency (NSA) and deployed in the WannaCry malware.  According to news agency Reuters which cited information from Kaspersky Lab, “some 2,000 attacks were observed as of midday in New York on Tuesday”.

Among countries most affected were Russia and Ukraine, although nine other European countries were targeted including Britain, France, Germany, Italy and Poland. According to Moscow-based cybersecurity firm Group IB, an estimated 80 Russian and Ukranian companies have been hit so far.

The new ransomware dubbed “GoldenEye” or “Petya” is also following a similar theme as WannaCry by locking computers until a ransom is paid in BitCoin. Kaspersky researchers however feel that the ransomware is not the same and have instead dubbed it “NotPetya”.

Petya
Source: NY Times

According to a cyberintelligince firm, this new attack is suspected to have started in the Ukraine and had begun with attackers loading the ransomware onto computers during a routine update phase of a popular accounting software program.

So far, some known major victims include;

  • Shipping giant Maersk which has reported outages at facilities including its Los Angeles terminal
  • WPP, the world’s largest advertising agency, which has asked workers to shut down their computers
  • Russia’s Rosneft, one of the world’s biggest crude oil producers, which has now switched over to backup systems
  • US-based pharmaceutical firm Merck, which has reported computers down across multiple sites and business units
  • Ukraine’s postal service and metro system in Kiev also reported hacking problems
  • The Chernobyl nuclear power plant was also hit and disabled, although radiation checks are still being conducted manually
  • India-based Beiersdorf, makers of Nivea skin care products, has also reported hits on some of their systems in the country
  • Ukraine’s central bank has also warned financial firms across the country that an unknown virus has hit the sector

 

Leave a Reply

Your email address will not be published. Required fields are marked *