Ransomware Doesn't Pay: Email Company Ensures Petya Files Stay Scrambled Forever

© Sputnik / Alexey Malgavko / Go to the mediabankRansomware attacks global IT systems
Ransomware attacks global IT systems - Sputnik International
Subscribe
German email provider Posteo has extinguished the last flicker of hope that victims of the Petya global ransomware attack might get their files back.

A user takes a selfie in front of a laptop at WPP, a British multinational advertising and public relations company in Hong Kong, China June 28, 2017 in this picture obtained from social media - Sputnik International
World
Cases of Ransomware Attacks Worldwide Reaches 2,000 - Kaspersky Lab
On Tuesday, a global ransomware attack dubbed "Petya" hit numerous computers in several countries, inflicting particularly severe damage to IT systems of government authorities, state and commercial companies, airports and media. 

The malware blocked computers and left a ransom note demanding $300 in bitcoin currency. It instructs victims to contact the hacker via email once they have sent the money, to get the key needed to decrypt their files and get the money back.

The hackers gave an email address hosted by the German Posteo service. However, Posteo has decided to block the account, leaving anybody who does pay the ransom without a way of letting the hackers know their details.

​​"We do not tolerate the misuse of our platform: The immediate blocking of misused email accounts is the necessary approach by providers in such cases," Posteo stated on Tuesday.

In an email to the tech website Motherboard, Posteo said, "Please make no speculations about how high the chances are to decrypt files locked by ransomware if you pay a criminal."

© SputnikHi, It’s Petya
Hi, It’s Petya - Sputnik International
Hi, It’s Petya
Early victims of the Petya ransomware were oil, telecommunications and financial companies in Russia and Ukraine, after which the virus spread to computers across the world. 

More than 30 victims are believed to have paid the ransom so far, although it is unclear whether their files were then decrypted.

Petya spreads using a similar method to the WannaCry virus which spread last month by attacking vulnerabilities in older Windows operating systems. Both viruses are derived from code known as Eternal Blue, which was developed by the NSA and leaked by the Shadow Brokers in April.

Newsfeed
0
To participate in the discussion
log in or register
loader
Chats
Заголовок открываемого материала