A new wave of ransomware attack “Petya/Petwrap/Petrwrap” is spreading quickly overseas after “Wannacry”. “Petya/Petwrap/Petrwrap” spreads itself by exploiting the MS17-010 vulnerability targeting SMB v1.0 of Microsoft. Not only the files will be encrypted, it also overwrites and encrypts the master boot record (MBR). After the attack, a ransom note will be displayed on infected machines, demanding $300 USD (about $2400 HKD) in bitcoins for files recovery.
For preventing the “Petya/Petwrap/Petrwrap” ransomware and other types of ransomware, please note the following prevention tips: -
- Users should BACKUP important data regularly top an independent and offline storage media;
- Users should UPDATE the security patches of the operating system;
- Close all the unnecessary ports;
- Users should REFRAIN from visiting or downloading any files from suspicious websites;
- When in doubt, DO NOT OPEN any suspicious emails and attachments;
- DO NOT PAY any ransom when requested, and seek Police assistance immediately.