It’s not just large companies such as Yahoo and Target that are vulnerable to cyber attacks. Small businesses, which are often more cash-strapped than large corporations, are increasingly being targeted by hackers.
The chances of a small business being invaded — of having computers, smartphones, tablets and even bank accounts hacked because of poor cybersecurity — are rapidly growing. And some of the very things small businesses are encouraged to do to make themselves more visible, like having blogs, can also make them more vulnerable.
PetrWrap, a variant of a Petya-based ransomware, was used in targeted attacks. It overwrites MBR to lock users out of the infected machines. The Petya ransomware causes a blue screen of death (BSoD) by overwriting the MBR with malicious code that encrypts the drive’s master file table (MFT). When the victim tries to reboot the PC, it will impossible to load the OS, even in Safe Mode. Users turning on the computer are displayed a flashing red and white screen with a skull-and-crossbones instead.
The bad news for the victims is that currently there isn’t a recovery tool to decrypt the MFT of hard disk volumes infected by Petya. The experts noticed anyway that because this specific ransomware doesn’t encrypt the file contents, it is possible to reconstruct the file from hard disk raw data by using specific recovery tools.
*IP addresses provided by Recorded Future.
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.