Phorpiex as a malware family has been around for several years and hasn’t changed much in purpose, functionality, or code…
Regardless of the level of your technical control, it is developing a response plan that really matters. Many companies don’t have a plan, particularly midmarket organizations that pay little attention to security.
In a camera-ready twist, the demand for ransom actually did come in the form of an analog note. Users were instructed to turn on their printers, which promptly spat out a demand for a “licensing fee” of $189 to be paid …
Petya is a type of ransomware that appeared in early 2016 and returned to a trick first seen in the early 1990s, whereby criminals do not encrypt all the files on your computer but instead attack a part of the operating system called the Master File Table (MFT).
From the looks of images being posted across social media, the ransomware note is in English and demands $300 in Bitcoin, similar to the WannaCry ransom.
After finding the reference to this domain in the Trojan’s code, the researcher registered the domain, thus suspending the attack. Over the remainder of the day, the domain was contacted tens of thousands of times, which means that tens of thousands of computers were spared.
Unfortunately, there is currently no way to decrypt files that have been encrypted by WannaCry; however, there are researchers right now fully dedicated to this kind of cyber threat.
The attack started on Friday, 12 May 2017, infecting more than 230,000 computers in 150 countries, with the software demanding, in 28 languages, ransom payments in the cryptocurrency Bitcoin.