Deadly 'Petya' malware doesn't ask for ransom, it permanently destroys data

Experts said the new malware is significantly different from all earlier known versions of Petya

IANS San Francisco/New Delhi
Last Updated : Jun 30 2017 | 1:48 PM IST

Initially thought to be an outbreak of the 'Petya' ransomware that shut down computers in several countries, the attack is now being described by cyber security researchers as a new form of malware that doesn't demand ransom but permanently destroys data.

"In other words, the researchers said, the payload delivered in Tuesday's outbreak wasn't ransomware at all. Instead, its true objective was to permanently wipe out as many hard drives as possible on infected networks," arstechnica reported on Friday.

Researchers at Moscow-based cyber security firm Kaspersky Lab have labelled the malware a "wiper."

Kaspersky Lab experts said the new malware is significantly different from all earlier known versions of 'Petya'.

"And that's why we are addressing it as a separate malware family. We've named it 'ExPetr' (or 'NotPetya' -- unofficially)," the Kaspersky Lab blog post said.

The attack appears to be complex, involving several attack vectors.

"We can confirm that a modified 'EternalBlue' exploit is used for propagation, at least within corporate networks," it read.

Unlike the original 'Petya', 'ExPetr' (aka 'NotPetya') does not carry a genuine installation ID (the 'installation key' shown in the 'ExPetr' ransom note is just random gibberish), which means that the threat actor could not extract the information needed for decryption.

"In short, victims could not recover their data," the researchers added.

In the 2016 version of 'Petya', the ID contained crucial information for the key recovery.

"Tuesday's malware, by contrast, was generated using pseudorandom data that was unrelated to the corresponding key," wrote Kaspersky Lab researchers Anton Ivanov and Orkhan Mamedov.

Meanwhile, Janus Cybercrime Solutions, the author of 'Petya', resurfaced on Twitter, offering to help those whose files can no longer be recovered.

"The altruistic gesture, even if it does prove fruitless, is uncharacteristic of the criminal syndicate that launched an underworld enterprise by placing powerful exploits in the hands of others to deploy as they see fit," said a Gizmodo report.


First Published: Jun 30 2017 | 1:39 PM IST