Petya is a new and powerful ransomware that targets and encrypts the Master Boot Record (MBR) of the compromised computer, replacing it with a malicious loader. The MBR contains information that loads the Operating System on a computer which can’t load with OS). The malware forces Windows to reboot and demands 0.9 Bitcoin in return for the decryption key, or about $390 USD as of April 2016.
Petya is distributed through emails that are written in a very polite manner, and with proper grammar. The email, presented as coming from an applicant for a job position, contains a Dropbox link. This link supposedly leads to a CV, or some other important document, that is too big to be sent as an attachment. If a user opens it, the virus captures the computers. Instead of loading an Operating System, a message loads requesting the ransom, accompanied by an image of a skull generated on ASCII. Instructions are then loaded on the screen, telling users to use the Tor network to pay the ransom.
Petya claims to use a military encryption algorithm. The origin of the ransomware is unknown, although the name Petya is a common name in Russia, Bulgaria, and a few other countries with Slavic population. On the other hand, Petya and the Wolf (Op. 67), is a well-known composition written by Soviet composer Sergei Prokofiev in 1936 in the USSR. It is a children’s story, spoken by a narrator and accompanied by an orchestra.
Note that the Petya ransomware can also be distributed via social networks or file sharing services, asking users to open the link.
Here is how the message reads: “You have become a victim of the Petya Ransomware. The hard disks of your computer have been encrypted with a military grade encryption algorithm. There is no way to restore your data without a special key. You can purchase this key on the dark net page shown in step 2. To purchase your key and restore your data, please follow these three easy steps:
If you already purchased your key, please enter it below.”
Contacting the ransomware creators is unlikely to help. No one can guarantee that you will have your data and drives unlocked and restored. Paying the makers of the ransomware encourages them to create new ransomwares. There is no guarantee that you will get your computer back.
Unfortunately, there are currently no known ways exist to repair the Master Boot Record. Thus, the damage may be irreparable and your disk drive may remain locked forever.
See also:
Credit photo: Photograph in public domain
Apple has explained why you shouldn't put your iPhone into a bowl of rice if…
Apple is finally set to fix the biggest flaw in the iPhone's camera The images…
Windows 11 Has Just Launched Its Latest Significant Update, Moment 5, as Part of April's…
Artificial Intelligence For All on iPhones: Hidden Or Not? Apple has remained relatively silent about…
What Can We Expect from the New iPhone SE 4 and When Will We See…
Apple Released iOS 17.4 Apple has rolled out iOS 17.4 on March 5, over a…