A New Wave of Ransomware Cyber Attack is Spreading Around the World

Petya Ransomware

Yup, its only been one month since the WannaCry cyber attack was stopped and we already have a second go at a similar attack.

This new ransomware, dubbed Petya or Petrwrap, is targeting businesses and governmental institutions around the world. Reports indicate that the attacks started in Ukraine which later spread to Spain, France, Russia and India, with Ukraine’s Oschadbank and Russia’s Rosneft bank among the victims.

Well, even some Point of Sale systems have felt the pinch this time:

According to Symantec, Petya is using the same EternalBlue exploit that was used by WannaCry to spread. Reports also indicate that Petya is a well-known software that is offered as a RaaS (Ransomware as a Service) software on the dark web.

Unlike WannaCry, the situation seems to be less detrimental this time however, at the time of this article, around 35 payments had been made to the Petya Bitcoin account, totaling to around $8,988.

According to a McAfee executive, the payments are likely to be from security researchers but still warns against paying the ransom, as it is not a gurantee that a decryption key will be provided by the attackers.

“We saw this with WannaCry; there are so few people that are making the payments,” said the MaAfee executive. “I think the message of ‘don’t pay’ seems to be getting through.”

However, security researchers have a theory that these attacks have more to it than just the few dollars they get from the “ransom”. The attacks look like ransomware but it seems like that is not their main intention.

This second wave of attack is a clear indication that governments and other institutions do not take cyber security seriously, even after the WannaCry attack. I am particularly worried about the Kenyan government, who already have a spamming problem.

Read More: Official Kenya Government Emails Used to Send Out Spam Messages