Photo Credit: Photo montage using PD images
Petya

Amit Serfer, an Israeli researcher at Siibrizn Labs, discovered a method to block attacks of the Petya ransomware program that on Tuesday hit thousands of computers around the world, including in Israel, Ha’aretz reported on Wednesday.

Tuesday’s second major global ransomware attack in as many months crippled and held for ransom the computers of major firms including British multinational advertising and public relations company WPP, food company Mondelez, legal firm DLA Piper and Danish shipping and transport firm Maersk.

Advertisement




Researchers have reported that Petya not only encrypts specific files, but also encapsulates the computer boot sector (MBR), the part of the hard disk that’s loaded first when the computer is started. It includes information on the hard disk structure and is used to load the operating system.

Serfer discovered a way to prevent Petya from turning on and multiplying itself. “When the malicious software starts working, it checks whether in the past it ran the files, so as not to encrypt them twice,” he told Ha’aretz. “It looks for the name of the file without an extension in a Windows folder that turned it on (C:\windows\perfc).”

According to Serfer, if Petya finds the file, it concludes the computer has already been attacked and does not activate the encryption function.

Serfer sees his solution as an inoculation against the invading virus.


Share this article on WhatsApp:
Advertisement

SHARE
Previous articlePalestinian President Abbas Is Upset Kushner Wanted Concessions From Him As Well
Next articleIf Someone Compares You to Korah, It’s Not a Death Threat
JNi.Media provides editors and publishers with high quality Jewish-focused content for their publications.