Petya malware

link1896

Mr Greenfield
Maybe it's the North Koreans, who knows. The methodology was born out of a Windows vulnerability the US Homeland Security discovered. It's mainly delivered by email as an attachment.

It encrypts your hard drive and demands money via Bitcoin. It's running wild today. Don't open an email program on a Windows PC; it's best to check your email by webmail and delete anything suspicious. Don't trust attachments from anyone.

Update your antivirus definitions and let Windows do a full update.
 

johnny

I'll tells ya!
Staff member
Russia released it into the wild; now it's eating them, just like WannaCry did.
 

stirk

Burner
I disabled SMBv1 after WannaCry, even though my system is up to date with patches. I don't need to print much from my home laptop, but I could always enable SMBv1 again if I did ;)

Given that it would be difficult to near impossible for the hackers to effectively decrypt all the systems they have captured, and the fact that the revenue returned for the attack is nil, I think these attacks are either learning experiences for young hackers or simply destructive acts. These attacks could take down serious infrastructure systems with fatal implications; these hackers are total fuckwits and should be treated as attempted murderers if caught.
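For anyone wanting to do the same on a current Windows 10 / Server 2016 box, the following is an added example (not posted by anyone in this thread) that reports the SMBv1 state and then turns it off on both the server side and as an installed feature. It assumes an elevated PowerShell session and the built-in SmbShare and DISM cmdlets; the variable names are mine.

```powershell
# Added example: audit and disable SMBv1 on a Windows 10 / Server 2016+ host.
# Run from an elevated PowerShell prompt. Uses only built-in cmdlets
# (Get-/Disable-WindowsOptionalFeature and Get-/Set-SmbServerConfiguration).

# 1. Report the current state: is the SMB1Protocol feature installed, and does
#    the SMB server still negotiate SMBv1 with clients?
$feature       = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol
$serverAllows1 = (Get-SmbServerConfiguration).EnableSMB1Protocol
Write-Host "SMB1Protocol feature state : $($feature.State)"
Write-Host "SMB server accepts SMBv1   : $serverAllows1"

# 2. Stop the server from negotiating SMBv1 (the protocol EternalBlue/WannaCry
#    rode in on). This takes effect without a reboot.
if ($serverAllows1) {
    Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
}

# 3. Remove the SMBv1 client and server components entirely so nothing on the
#    box can speak it. A reboot is needed before the state reads 'Disabled'.
if ($feature.State -eq 'Enabled') {
    Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart
}

# 4. Re-check after the change (and again after the reboot).
Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol | Select-Object FeatureName, State
Get-SmbServerConfiguration | Select-Object EnableSMB1Protocol
```

If an old printer or NAS really does need SMBv1, `Enable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol` puts it back; the more durable fix is to replace that device, because once SMBv1 is on, the host is again reachable over the same path the worm used.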
 

link1896

Mr Greenfield
> I disabled SMBv1 after WannaCry, even though my system is up to date with patches. I don't need to print much from my home laptop, but I could always enable SMBv1 again if I did ;)
>
> Given that it would be difficult to near impossible for the hackers to effectively decrypt all the systems they have captured, and the fact that the revenue returned for the attack is nil, I think these attacks are either learning experiences for young hackers or simply destructive acts. These attacks could take down serious infrastructure systems with fatal implications; these hackers are total fuckwits and should be treated as attempted murderers if caught.
The Security Now podcast is going to be interesting; I haven't listened to it yet.

Surely the Petya code is dynamic and can roll new email addresses? The German ISP the email account was with kicked the user off.

Doubt it's young kids; I'm thinking it's state-sponsored.

I've heard horror stories: system backups were on a CIFS share with no authentication, and Petya encrypted the user files on a desktop, found the CIFS share and encrypted the backups too.
 

Mr Crudley

Glock in your sock
> Surely the Petya code is dynamic and can roll new email addresses? The German ISP the email account was with kicked the user off.
>
> Doubt it's young kids; I'm thinking it's state-sponsored.
Slashdot mentions that an update server for some accounting software was compromised and sent out Petya. It might have harvested addresses from there onwards.

I'll bet it's state-sponsored too.

For good or bad, these things are damn interesting and have nastier payloads all the time. Pity; computers were built on mutual trust and goodwill once upon a time.

 

stirk

Burner
I don't think this is sponsored by any govt or state dictatorship; the impacts on their own systems are too unpredictable. It took out systems at the Chernobyl reactor and could well have caused issues for operational reactors and other govt infrastructure.

Given that some 'leaders' are complete crackpots perhaps it's plausible...
 

johnny

I'll tells ya!
Staff member
These global ransomware attacks are a result of the recent CIA hack the Russians released to divert attention from the probe into electoral interference. These tools are all out in the wild now; it could be anyone using them.
 

droenn

Fat Man's XC President
I dunno if this has anything to do with the US; it seems to be either Russia trying to further destabilise Ukraine, or perhaps an internal rogue? Just from quick reading, mind you.
 