Leave a comment

Vaccine Found for NotPetya Ransomware

Paul Rubens - June 28, 2017 - 07:28 AM
Vaccine Found for NotPetya Ransomware
Creating a file with a specific name renders computers immune to the NotPetya malware's malicious behavior.

(CCM) — Computer users can "vaccinate" their PCs to make them immune to the devastating NotPetya ransomware that struck organizations around the world this week, the BBC is reporting. A security researcher at Cybereason has discovered that creating a file called "perfc," making it read-only, and saving it in the computer's "C:\Windows" folder is enough to deactivate the malware, so that it does not start encrypting important files. However, creating a "perfc" file does not stop the ransomware from spreading, so other computers on the same network can still become infected by the vaccinated computer.

Unlike WannaCry, the ransomware that caused havoc around the world last month, NotPetya does not travel beyond the network that it finds itself on, so it is unlikely to spread as quickly.

Organizations that were hit by NotPetya include the Ukrainian central bank, Russian oil company Rosneft, U.K. advertising agency WPP, and U.S. law firm DLA Piper.

When ransomware encrypts data on an infected machine, the only way to obtain the decryption key is generally to pay the ransom demanded. But in the case of NotPetya, the payment method does not work, according to the BBC report. This has led many experts to believe that the authors of NotPetya were politically motivated. "This looks like a sophisticated attack aimed at generating chaos, not money," computer scientist Prof. Alan Woodward told the BBC.

Image: © iStock.
Add comment


Respond to Anonymous User