New Petya ransomware - Kuribo64


Views: 8,824,001	Home \| Forums \| Uploader \| Wiki \| Object databases \| IRC Rules/FAQ \| Memberlist \| Calendar \| Stats \| Online users \| Last posts \| Search	10-21-18 04:14 AM
Guest:

0 users reading New Petya ransomware | 1 bot

Main - Computers and technology - New Petya ransomware

XenonNSMB

Posted on 06-27-17 06:40 PM

Link | #84068

Koopa
It's a UNIX system, I know this!

Level: 17

Posts: 6/108
EXP: 24709
Next: 34

Since: 06-23-17
From: ~~United States~~TRUMPLAND

Last post: 138 days ago
Last view: 134 days ago

https://arstechnica.com/security/2017/06/a-new-ransomware-outbreak-similar-to-wcry-is-shutting-down-computers-worldwide/

Install your Windows updates, kiddos.

(and keep backups)

• Nadia: makes her BQFX file an AJ7
• SuperHackio: questions what that is
<~StapleButter> the AJ7 is an automatic rifle model based on the well-known AK47

Dilene

Posted on 06-27-17 06:44 PM

Link | #84069

Member
I could keep going all day, but it's 2:00 and I have to sleep.

Level: 12

Posts: 25/42
EXP: 6549
Next: 1372

Since: 03-21-17

Last post: 147 days ago
Last view: 2 days ago

"New"

Petya has been around for some time already. This is mostly an update to it to use the same exploit as WannaCry.

Still, keep off-site backups (and backups of those backups!) and the usual in case of an attack.

____________________

≤!-- Am I doing this right? --≥

Super Hackio

Posted on 06-27-17 07:46 PM

Link | #84072

Red Super Koopa
Normal user

Level: 46

Posts: 351/871
EXP: 701872
Next: 9902

Since: 10-05-16
From: The true North, Strong & free!

Last post: 12 days ago
Last view: 3 days ago

We... are... DONE FOR!!! ABANDON SHIP!!

____________________
SMG RUN Progress: 11%
————————————————
I have a discord if you want:

Ndymario

Posted on 06-27-17 08:05 PM

Link | #84075

Shyguy
That MvL Hacker

Level: 18

Posts: 51/88
EXP: 29640
Next: 257

Since: 04-10-15

Last post: 34 days ago
Last view: 2 days ago

[thumbnail]

Can't get ransomed if you use a Mac

____________________
Here's my MvL Hacking thread
Also, if you hack MvL, consider joining my Discord Server!

Hope to see you there!

#HakingNoMore

If you can read this, you have scrolled too far down

Yami

Posted on 06-28-17 03:29 PM

Link | #84080

（ーωー。）

Level: 53

Posts: 948/959
EXP: 1116683
Next: 40436

Since: 12-07-14
From: Japan

Last post: 467 days ago
Last view: 465 days ago

Sorry to disappoint you, but:
https://www.welivesecurity.com/2017/02/22/new-crypto-ransomware-hits-macos/
http://www.macworld.co.uk/how-to/mac/how-remove-mac-ransomware-3659100/

And due to Macs' extremely closed nature, it might be even worse than on Windows or Linux.

DSHack.org | 3DSHack.org (same Site) | Star Fox Online

My Weblog | My YouTube Channel

StapleButter

Posted on 06-28-17 03:34 PM

Link | #84081

Star Mario
this serves no purpose, but they spent time making it, so gotta pay tribute

Level: 144

Posts: 7498/8279
EXP: 36137436
Next: 572870

Since: 07-02-12
From: in a box

Last post: 1 day ago
Last view: 20 hours ago

re: updates

Microsoft pushed a patch for the NSA hacks, you can download it from their site and install it standalone

as far as I can see there is no "get Windows 10" bullshit embedded. I should check whether there are anal probes.

____________________
NSMBHD - Kafuka - Jul

communism

RicBent

Posted on 06-28-17 04:08 PM

Link | #84082

Administrator

Level: 41

Posts: 262/459
EXP: 462972
Next: 17173

Since: 09-25-12
From: Germany

Last post: 8 days ago
Last view: 10 hours ago

Instead of going through all that bullshit, what about installing Linux?

____________________
GitHub - YouTube - NSMBHD

StapleButter

Posted on 06-28-17 04:10 PM

Link | #84083

Star Mario
this serves no purpose, but they spent time making it, so gotta pay tribute

Level: 144

Posts: 7499/8279
EXP: 36137436
Next: 572870

Since: 07-02-12
From: in a box

Last post: 1 day ago
Last view: 20 hours ago

Linux isn't safe either though, but yeah, I should definitely stop being lazy

____________________
NSMBHD - Kafuka - Jul

communism

(post deleted)

#84084

RicBent

Posted on 06-28-17 05:05 PM

Link | #84086

Administrator

Level: 41

Posts: 263/459
EXP: 462972
Next: 17173

Since: 09-25-12
From: Germany

Last post: 8 days ago
Last view: 10 hours ago

Posted by StapleButter
Linux isn't safe either though, but yeah, I should definitely stop being lazy

It might not be safer, but it's not worth for anybody to code a Linux ransomware. The profit they 'd get is just not there.

____________________
GitHub - YouTube - NSMBHD

Splitwirez

Posted on 06-28-17 07:02 PM

Link | #84088

Otherwise known as rob55rod. Should probably get back to SMG2 at some point...

Level: 61

Posts: 1182/1204
EXP: 1811240
Next: 65356

Since: 08-28-13
From: ._______________.

Last post: 7 days ago
Last view: 7 days ago

So, wait...is this patch separate from the WannaCry one? I would've thought so, but this:

Posted by Dilene
Petya has been around for some time already. This is mostly an update to it to use the same exploit as WannaCry.

seemingly indicates otherwise...??

StapleButter

Posted on 06-28-17 07:16 PM

Link | #84089

Star Mario
this serves no purpose, but they spent time making it, so gotta pay tribute

Level: 144

Posts: 7500/8279
EXP: 36137436
Next: 572870

Since: 07-02-12
From: in a box

Last post: 1 day ago
Last view: 20 hours ago

Posted by RicBent
It might not be safer, but it's not worth for anybody to code a Linux ransomware. The profit they 'd get is just not there.

oh, you never know

there are lots of servers that run Linux, and that contain all sorts of important shit that you wouldn't want encrypted

____________________
NSMBHD - Kafuka - Jul

communism

poudink

Posted on 06-28-17 07:35 PM (rev. 2 of 06-28-17 07:35 PM)

Link | #84090

Bullet Bill
Proud survivor of the Endless Eight.

Level: 38

Posts: 237/511
EXP: 358545
Next: 11902

Since: 03-01-16
From: Québec (Canada)

Last post: 54 days ago
Last view: 53 days ago

One of the articles actually mentions a Linux ransomware called "KillDisk".

____________________
Nothing to say, so jadnjkfmnjamnfjkldnajfnjkanfjdksan jsdnvj m.

[insert quote here]

Posted on 06-29-17 03:41 AM

Link | #84091

Ninji
ガラクティク・パイラト

Level: 26

Posts: 70/246
EXP: 97286
Next: 4989

Since: 01-23-17
From: Paris, France

Last post: 64 days ago
Last view: 53 days ago

@Yami yeah, but macOS viruses are very rare, and macOS security is very, very high. Plus, you get this from a fishy torrent site so

Dilene

Posted on 06-29-17 05:46 AM

Link | #84092

Member
I could keep going all day, but it's 2:00 and I have to sleep.

Level: 12

Posts: 26/42
EXP: 6549
Next: 1372

Since: 03-21-17

Last post: 147 days ago
Last view: 2 days ago

Posted by Splitwirez
So, wait...is this patch separate from the WannaCry one? I would've thought so, but this:
seemingly indicates otherwise...??

I wasn't properly informed at the time so I went with that assumption that it was just an upgrade of the original Petya (or NotPetya as how it's called now).

By now, I did read a bit more on the ransomware, and this is what I found:

The worm won't encrypt at all if you create the file C:\WINDOWS\perfc.dat as read-only. It will still try to propagate itself, though.
It doesn't travel outside it's own /24 network, making me think it was a targeted attack.
Its email was shutdown so the infected users won't be able to recover their files... Oops?
It encrypts offline in a modified chkdisk terminal. The process starts as soon you see the message, so you can turn off the PC ASAP, plug the drive into another PC and copy your files away (and possibly format the infected drive).

This article could help as some reading material.

And FWIW: You can run almost if not every windows ransomware on Linux, with the help of a little thing called Wine.

____________________

≤!-- Am I doing this right? --≥

Yami

Posted on 06-29-17 04:00 PM

Link | #84097

（ーωー。）

Level: 53

Posts: 949/959
EXP: 1116683
Next: 40436

Since: 12-07-14
From: Japan

Last post: 467 days ago
Last view: 465 days ago

Posted by RicBent
Instead of going through all that bullshit, what about installing Linux?

DSHack.org | 3DSHack.org (same Site) | Star Fox Online

My Weblog | My YouTube Channel

Main - Computers and technology - New Petya ransomware

Page rendered in 0.023 seconds. (2048KB of memory used)
MySQL - queries: 27, rows: 223/223, time: 0.014 seconds.
[powered by Acmlm]

[powered by Acmlm]

Acmlmboard 2.064 (2018-07-20)
© 2005-2008 Acmlm, Xkeeper, blackhole89 et al.