Petya ransomware attack: 7 important questions answered

Petya ransomware virus has infected computers across the globe. Apart from Ukraine, India's Jawaharlal Nehru Port Trust has been affected by the virus. Check out how can you protect your system from the attack

After WannaCry virus, the cyber world has been affected by a new strain of ransomware attack that has paralysed computer servers across Europe. Ukraine and Russia have been worst affected by the new virus, which has not only taken control of governmental departments and the central bank but also Kiev airport and metro network.

According to reports, the virus shuts down the infected computer and demands money to fix the problem, which is similar to the WannaCry virus that affected nearly 150 countries across the globe.

Here’s all you need to know about the Petya ransomware attack:

What is Petya ransomware and how is it affecting the computers?

Petya is a ransomware attack similar to that of the WannaCry virus, which demands a ransom from the owners of those whose systems have been infected in exchange for fixing their systems. According to Kaspersky Securities, Petya could be a variant of Petya.A, Petya.D or PetrWrap ransomware programs.

It is using a vulnerability called EternalBlue to exploit systems across the world. The same vulnerability also used by the WannaCry virus to gain control of the systems.

What happens when Petya ransomware infects your computer?

Once your computer gets infected by the Petya ransomware virus, it encrypts all the data present on your system and demands $300 to be paid in bitcoin from the owner to unlock the data. However, paying the ransom does not guarantee that the attackers will give you the key to unlocking the data. Once the virus has infected your system, it will wait for a couple of hours before it reboots your system and encrypts all your files.

Which operating systems have been affected by the Petya ransomware attack?

According to a blog by Avast, the top four operating systems that have been targeted by the attack are Windows XP, Windows 7, Windows 8.1 and Windows 10. It’s worth mentioning that Microsoft had released a security patch after the WannaCry virus had infected the systems.

How do I know if my computer has been infected by the Petya virus?

If you see this message on your computer screens, your system has been infected by the Petya virus– “If you see this text, then your files are no longer accessible because they are encrypted. Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our decryption service.

ALSO READ: All you need to know about the Ransomware attack

Who is behind the Petya attack?

At this point, it remains unclear who is behind the attack. However, analysts at the Kerbs Security believe that Petya uses a digital weapon developed by the US National Security Agency, which was leaked online in April this year by a hacker group called the Shadow Brokers.

ALSO READ: Judy Malware affects 36.5 million Android device; here’s all you need to know

Who has been affected by Petya attack?

As mentioned earlier, Ukraine remains worst affected by the recent attack. Apart from this, drugmaker Merck, law firm DLA Piper, American confectionary brand Mondelez International, French multinational Saint-Gobain, Danish business conglomerate Maersk, oil and steel companies Evraz and Rosneft have been affected by the attack. In India, a terminal operated by Maersk at the Jawaharlal Nehru Port Trust in Mumbai has been affected by the attack.

How can I protect my computer from the ransomware attack?

There are several measures that you need to take to ensure that your system remains unaffected by the ransomware attack:

ALSO READ: Judy malware on Google Play Store: 41 Apps you need to uninstall now and how to secure your phone

a) Update your operating system.

b) Update your anti-virus and turn on your firewall.

c) Back up all your files on hard drives (on an offline channel).

d) Avoid opening emails from unknown senders.

e) Avoid downloading attachments from an unknown source.

For interesting tech videos from InUth, follow us on