Ransomware

A new ransomware outbreak today has hit some major infrastructure in Ukraine including Kiev metro. Here are some details about this new variant of Petya.

Public sources have confirmed that computer systems in the Kiev Metro, Odessa naval port, Odessa airport, Ukrainian ministries of infrastructure and finance, and also a number of organizations in Russia are among the affected organizations.

The infection mechanism works well – which is crucial for determining how big of a deal a piece of malware is.

Social engineering may play a vital part in persuading a victim to open a malicious executable or website, says ESET's David Harley on social engineering and ransomware.

Numerous reports are coming out on social media about a new ransomware attack in Ukraine, which could be related to the Petya family.

Experts in the UK and the US have reportedly claimed that the recent global WannaCryptor ransomware attack was initiated by the North Korean Lazarus Group.

ESET has released a decryptor for AESNI ransomware variants, including XData. Victims who still have encrypted files can now download it from ESET's utilities page.

A week after the global outbreak of WannaCryptor, also known as WannaCry, another ransomware, known as XData, has been making rounds.

ESET have prepared a new Crysis decrypting tool. Victims who still have their encrypted files can now download the decryptor from its utilities page.