Ransomware that disguises itself as an email

Last month, everyone was talking about Petya. Ransomware that disguises itself as an email from an individual looking for a job. Upon opening the attachment, victims are then infected and demanded to pay 0.9 bitcoins (£265) for a password decryption key.

Described by cyber-crime experts as a particularly nasty form of ransomware. When victims click on a link in the scam email, it doesn’t pick certain files or images to encrypt. It quite simply locks up the entire hard drive by overwriting the master boot record.

This is now a thing of the past. You can now get a free password decryption key.

A programmer under the Twitter name Leostone has developed a tool that takes advantage of the weaknesses in the way that Petya encrypts files. The programmer first revealed the key generator on the code-sharing website Github, as a result of his father-in-law encountering the ransomware.

Lawrence Abrams, Security Researcher at Bleeping Computer, advised that the key generator could unlock a Petya-encrypted computer in just seven seconds.

Independent security analyst, Graham Cluley, explained that there have been various instances when malware creators had “bungled” their encryption system. The likes of CryptoLocker ransomware was deemed harmless when their “scrambling schemes were reverse-engineered”.

“Of course,” said Cluley, “the best thing is to have safety secured backups rather than relying upon ransomware criminals goofing up.”

If you’d like advice on backup and recovery services, get in touch with our experts on 01235 426700 or email enquiries@riverbank.co.uk