Mere weeks after the Wannacry attack that crippled hospitals and other organizations around the world another ransomware attack has hit. The Petya/NonPetya attack successfully targeted victims in Ukraine, Russia, Denmark, the UK and the United States. It caused huge disruptions in banks, energy companies and airports and even caused a few to shut down. Unfortunately, there is no way to cure computers that have already been affected but…
This One File Will make you Safe from the Petya Ransomware Attack
Researchers have found that if the malware is downloaded onto a system it will search for a specific file. If the malware finds the file it will exit the system without encrypting anything. You’ll need to create an extensionless and read-only file called perfc in the C:\\Windows folder.
Looks like if you block C:\Windows\perfc.dat from writing/executing - stops #Petya. Is used for rundll32 import:
You need to go to Control Panel and look for Folder Options. There go to View and under Advanced Settings uncheck Hide known file extensions. Click Apply and then click OK
Then you need to open the C:\\Windows folder. Create a copy of the notepad.exe file. Select the copy of the notepad.exe rename the file to perfc. Right click on the file and go to propoerties and then click Read Only.
This will not kill the Petya malware but, at least for now, it will protect your individual system from becoming affected.
This remedy might not last forever so it is extremely important that you keep all your programs and applications up to date, especially your antivirus security programs. To make sure you’re completely safe follow the tips laid out in the video below.
Via: ZDNet
No comments:
Post a Comment