Inc. "Trend Micro" Trend Micro specialized digital security revealed the spread of a new virus called Petya belongs to Ransomware category targeting operating "windows" system and prevent him from quitting, through overwriting what is known as "record master boot" the MBR of the computer. It can not recover the user to run the system and files only after payment of a ransom of US $ 430 for an attacker.
The master boot record is a software code stored within the first sector of the hard disk and contains information about disk partitions, and is responsible for running "boot loader" for the operating system. If the boot record is unable to quit operating system crashes.
Petya software-oriented companies, which are distributed in the form of e-mail messages sent to the human resources management in corporate divisions, the sender pretending to be a student advanced to the functions available to the company for work. The letter contains a link to a folder on "Drop Box" Dropbox contains a file includes a biography and an image forged, and once you download the file and open it is to install malicious software.
After the software is installed show the user an error message and are re computer automatically turned on, and the table's main files MFT encryption, which is a special file NTFS used in Windows file system stores files on the device locations, and leads to encrypt the file to the impossibility of restoring files without decrypt through private key gets user after the payment of ransom.
The main File Table encrypt show the user image of the skull accompanied by a letter containing the steps that need to be on the victim implemented to restore its files and its operating system, in this case the user access to a secure location within the network, "Tor" TOR and payment via currency "bit Queen" Bitcoin electronic amount of 0.99 bits Quinn which is equivalent to about US $ 430.
She said, "Trend Micro" she told "Drop Box" assault ... and the latter in turn delete the link and links-like, but it advised users to use caution and appropriate protection programs.
According to "Trend Micro" the software Petya currently targeted at companies in Germany, but nothing guarantees that the same campaign targeting companies in other countries, according to security company.
ليست هناك تعليقات:
إرسال تعليق