Petya-esque ransomware

Earlier yesterday morning, many businesses around the world were hit by a new Petya-esque ransomware attack (aka Petya/NoPetya). Similar to last month's WanaCrypt0r, this ransomware uses the EternalBlue exploit to target SMB vulnerabilities in Windows to help it spread and then goes one step further by hijacking the MBR (Master Boot Record) to prevent the computer from getting back in to the OS. For all the technical details and latest updates, check out our dedicated blog post.

Customers using Malwarebytes 3 Premium are protected against this specific ransomware variant. In fact, systems with Malwarebytes 3 Premium were protected at the zero hour due to our signature-less anti-ransomware technology.

If you and your clients are in need of Malwarebytes 3, we got you! If you need Malwarebytes 3, contact us and we can offer you discounted pricing!!!

Full protection from this threat can also be achieved by:

  • Updating and deploying security software with anti-ransomware capabilities
  • Updating and securing operating systems on your network, including checking for any open SMB ports on any Internet-facing systems
  • Locking down user accounts from having administrative powers and possibly even removing/shutting down admin systems that might utilize the PSExec method of spreading the malware
  • If you are a business owner, making sure your users are aware of this current threat
  • Opening emails with a high degree of scrutiny in the near future
2017 MI Tech Medic, LLC | All Rights Reserved