【Ransomware Petya/Petwrap/Petrwrap】

A new wave of ransomware attack “Petya/Petwrap/Petrwrap” is spreading quickly overseas after “Wannacry”. “Petya/Petwrap/Petrwrap” spreads itself by exploiting the MS17-010 vulnerability targeting SMB v1.0 of Microsoft. Not only the files will be encrypted, it also overwrites and encrypts the master boot record (MBR). After the attack, a ransom note will be displayed on infected machines, demanding $300 USD (about $2400 HKD) in bitcoins for files recovery.

“Prevention Tips”

For preventing the “Petya/Petwrap/Petrwrap” ransomware and other types of ransomware, please note the following prevention tips: -

• Users should BACKUP important data regularly top an independent and offline storage media;
• Users should UPDATE the security patches of the operating system;
• Close all the unnecessary ports;
• Users should REFRAIN from visiting or downloading any files from suspicious websites;
• When in doubt, DO NOT OPEN any suspicious emails and attachments;
• DO NOT PAY any ransom when requested, and seek Police assistance immediately.