Petya ransomware is one of a kind. This is the first time a ransomware-type cyber-threat has been observed to have rootkit capabilities. What the malware does is illustrated in the following steps:

1. Infection - once downloaded from malicious URLs or attachments sent out via email that link to a Dropbox file, the program appears to mimic a Windows Shield type of app. Once executed, it crashes the computer, resulting in a BSOD (Blue Screen Of Death).

2. Action - once the user's PC is restarted, you see the following scary skull-type screen with the ransom instructions:

Unlike any other ransomware, this one does not fool around. Instead of the typical time given to the victim to pay the ransom, which is several days at the very most, Petya gives several hours. This is extremely effective for the cyber-criminals, since it takes significantly more time than several hours to unlock the computer. What is worse, a traditional boot scan does not do the job, so the best protection against this ransomware is to run applications sandboxed and to combine this with strong antivirus and anti-malware software.

How To Fix It?

Unfortunately, at this point in time there is no free direct decryption method. The only method to decrypt drives encoded by Petya is to follow the instructions, pay the 0.9 BTC and hope for the best. If you have a cloud backup, however, do not worry: you may be able to download your files on a non-infected computer and simply reformat your drive and reinstall Windows.

We will keep you posted in this thread if a new solution regarding Petya ransomware surfaces. You may find more information, and removal instructions as they are updated, in the article about Petya Ransomware.