NotPetya virus outwardly resembles the Petya ransomware in many ways, however, the fact is that it’s different and a lot more dangerous than Petya. When Petya affected numerous systems even the best antivirus and virus removal programs failed to deduct it. It brought many systems to a grinding halt for a while until the virus protection programs could get the updates on the new ransomware.
Petya – What is it?
Petya belongs to the family of encrypting ransomware and it was first identified in the year 2016. The malicious code was created to attack the Microsoft Windows-based computers. Basically, it infects the master boot record of a Windows machine to execute a payload that encrypts a hard drive’s file system table. This prevents the Windows machine from booting. Consequently, the user is shown a message demanding to make a payment in Bitcoin to regain access to their system.
NotPetya – What is it?
NotPetya the close relative of malware kind Petya successfully infected thousands of computers in 2017 across the globe. Both Petya and NotPetya have enough common features but NotPetya was basically seen as just a variation on the theme.
Later experts discovered that NotPetya has numerous potential tools to help it spread and infect computers. Petya Virus was a conventional piece of ransomware that attempted to make some quick Bitcoin from its victims. However, NotPetya thought to be a similar ransomware, later it was identified as a state-sponsored Russian cyber-attack masquerading as ransomware.
How NotPetya Spreads?
The original Petya ransomware arrived through a spam email and it required the victim to download it. It remained dormant until it was launched and also required to give it admin permissions. In the case of NotPetya, it spreads on its own. NotPetya makes use of several other methods to spread without human intervention.
An accounting software package used by Ukraine companies seems to be the original infection vector offering the backdoor for NotPetya. As mentioned above, NotPetya used many more techniques to spread to other computers. This includes EternalRomance and EternalBlue, two exploits developed by the United States NSA. They were designed to take advantage of a flaw in the Windows implementation of the SMB protocol which can also take advantage of a tool called Mimi Katz.
How to Stay Protected From NotPetya?
The foremost thought behind any ransomware attack is to infect the users’ system through spam emails. Follow the below mentioned ways to prevent NotPetya ransomware:
The computers that run with older versions of Windows are infected by NotPetya. According to Microsoft, the Windows 10 OS fends of NotPetya attacks because of the improved security measures. It successfully blocked other ways in which NotPetya spread from machine to machine.
- Equip your computer with an effective internet security suite with an email security system – to identify and remove spam and phishing emails.
- Avoid downloading and the opening of suspicious attachments or links from unofficial sources.
- Always run a backup of important files over the cloud or on external hard drives.
- Install the latest and updated version of the antivirus software.
Free Antivirus Software from Comodo ensures to effectively protect users from Petya and NotPetya ransomware by blocking the malware in real time. It ensures absolute multiple-level protection against these attacks. For more details on Comodo virus protection, visit the official page!