Apps: Security

Vaccine from the New Ransomware

vaccine new ransomware
Vaccine from the New Ransomware

Symantec Discovered a ‘Vaccine’ from the New Ransomware

On Tuesday organizations across the world suffered just another huge cyber-attack. But the key feature of this ransomware nicknamed ‘Misha’ is that the victims can’t pay the ransom fee: the culprits provided an invalid email address that was shut down by the hosting provider. The Bitcoin wallet where ransom money should be deposited hasn’t been touched at all. For the moment the wallet contains about $8,000-worth of Bitcoin, a ridiculous prize for a significant and widespread attack.

vaccine new ransomware

Source of the image:

That’s why this attack is viewed upon as politically motivated attack on Ukraine as it started on the Constitution Day.

How it Spreads

Cisco’s Talos experts believe the attack may have been carried out by exploiting vulnerable accounting software. Specifically, by software update systems for a Ukrainian tax accounting package called MeDoc, the post in the company’s blog informs

MeDoc posted an update to its website on Tuesday saying, in Russian, “Attention! Our server made a virus attack” but later removed it and is now denying the fact that its software was exploited.

But politically motivated or not, ‘Misha’ has affected systems across the world. It inflicted computer networks in Russia enterprises and is detected in Europe and USA. Russian oil giant Rosneft, British advertising firm WPP, DLA Piper law firm and at least one hospital in the US city of Pittsburgh suffered the attack as well.

What is the ‘Vaccine’ Symantec Discovered

Since the attack started, many security experts has been searching for a method to stop the epidemic. As with the WannaCry the solution is simple and unexpected enough. The Symantec experts has discovered that ‘Misha’ looks for a file called perfec.dll on an attacked computer. This file signals that the system is infected. So the answer is to create a faked file and cheat the malware.

How to Create the ‘Vaccine

  1. Open WordPad.
  2. Save the empty file on a desktop under the name of perfec.dll
  3. Right-click the file and click Properties in a drop-down menu.
  4. Tick the Read Only box and save the changes.
  5. Copy it into the C:/Windows. You have to have an admin access to do this.

Disclaimer: It’s an emergency measure and it will give you some time to update your antivirus and protect your system thoroughly. Please, check your antivirus provider for a patch against ‘Misha’ immediately.

The experts also state that updating the OS on a regular basis is all a private user need to stay on the safe side. Still, many users forget to update or do not update the system deliberately to avoid the hardware conflicts Windows 10 is so notorious for.


Though the ransomware won’t be able to harm your system it can use it as an ‘infected’ platform all the same. We stress it once more that you use this cure only when you aren’t able to get any updates soon but strongly suspect that your system may be in danger. For instance, if you used the public hotspot. So, remember to remove the fake perfec.dll file after you update your OS and antivirus.

The Dangers of Tomorrow

Ransomwares has become not only criminal but political tools as well. Known the high security standards in governmental offices and facilities, hackers use the official software sites to inflict the computers with impunity. A mouse and a keyboard are now as dangerous as the nuclear weapons and even more. The Western powers has to face the challenge at once and assign means for building a hack-proof sandboxed network for governments and public facilities.

Though, it’s impossible to create a 100% hack-proof network, the scale and number of cyber-attacks can be diminished significantly.

And we add one more advice to the list of precautions we’ve shared with our readers. It goes: always check the software manufacturers’ sites to see if they’re secure. The virus can sneak in with the legal update.

Click to add a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Apps: Security

More in Apps: Security


    ESN, IMEI/MEID and Other Annoying Words to Remember Every person has some sort of ID, either a...

  • Mobile Payment Technologies

    Mobile Payment Technologies (MPT) Smart devices are rapidly becoming the wallet of the future, and mobile payments...

  • President Putin Prohibits VPN and Anonymizers

    Putin and VPN: President Putin’s Whipping the Waves Russian President Vladimir Putin has signed a law prohibiting...

  • ORWL: Little Samurai

    ORWL: Little Samurai Samurai were famous for their loyalty: these warriors died protecting their lord and if...

  • Quantum Networks For All

    Quantum Networks For All The recent outbreak of WannaCry ransom malware brought up a lot of issues....

  • Schedule PC Shut-Down

    How to Schedule the PC Shut-Down with Third Party Programs PCs still lack the most needful tool...

  • Backup – Your Password to Safety

    Backup – Your Password to Safety The WannaCry ransomware caused a lot of troubles to public organizations...

  • Blockchain

    Blockchain What is Blockchain and could it really reverse the course of civilization, according to Website...

  • Weaponized USB Stick – Destroy Them All!

    Weaponized USB Stick – Destroy Them All! Researchers have developed new technology that can prevent stolen electronics...

©2017 All Rights Reserved. is not affiliated with the manufacturers of the items available for trade-in. is trademarks of Best Video Studio LLC, registered in the U.S. All other trademarks, logos and brands are the property of their respective owners.