Petya: The Poison Behind the Latest Ransomware Attack

Steven J. Vaughan-Nichols | ZD Net | June 28, 2017

Unpatched Windows machines are getting hammered again by a new ransomware attacker.

First thing is first: If you're running Windows, patch your systems! The latest variant of Petya, GoldenEye, can attack if, and only if, one of your Windows PCs still hasn't been patched with Microsoft's March MS17-010. Microsoft thought patching this bug was important enough that it even patched it on its unsupported Windows XP operating system.

But, despite that, and despite all the news WannaCry got for it assaults, people still haven't patched all of their systems, and now we get to deal with Petya-infected PCs and their completely encrypted hard drives. As Maya Horowitz, Check Point's threat intelligence group manager, said in the aftermath of WannaCry, "That's something that will keep happening in the future where people can copy and paste malware, copy the NSA code and that's what you get -- worldwide catastrophe. More and more things like that will happen."

As Rafe Pilling, senior security researcher at SecureWorks Counter Threat Unit, added before this latest mess, "It's quite common for ... systems to run older versions of operating systems which go unpatched, run old applications, use shared logins, that sort of stuff, all of which creates an environment which is more susceptible to this sort of thing"...