A new ransomware is sweeping the globe, but there's a vaccine

It's a familiar story: You boot up your computer only to find a mysterious message saying your files are encrypted.

You soon realise that your data is likely gone for good - even if you fork over a cryptocurrency ransom payment.

But this time around, as a new and virulent form of ransomware dubbed NotPetya sweeps the globe, it doesn't have to be this way.

Because this time around, there's a vaccine.

What is NotPetya?

The first symptoms of the attack appeared on June 27 in Ukraine, with the National Bank of Ukraine and the Kiev International Airport both hit hard.

Even Chernobyl's radiation monitoring system has reportedly been affected. But NotPetya, which targets the Windows operating system, didn't stay there.

Microsoft has confirmed that computers in 64 additional countries have been infected.

The ransomware, so called because it demands a payment from users in exchange for decrypting their files, appears to use some code from an earlier ransomware known as Petya.

However, this latest version looks to have been souped up with the allegedly stolen NSA exploit EternalBlue - the same exploit that drove the spread of WannaCry - and as such has security researchers calling it "NotPetya."

According to the security firm Symantec, NotPetya is particularly nasty because instead of just encrypting a system's files, it actually modifies a computer's master boot record in order to encrypt its hard disk.

 PHOTO: Symantec 

Once a system is infected, a message is displayed demanding US$300 (S$415) worth of Bitcoin in exchange for a decryption key.

However, as the listed email address for confirming that the ransom has been paid has been shut down by the email provider, there is little-to-no chance a decryption key will be provided even if a victim pays.

Essentially, those hit by NotPetya can kiss their data goodbye.

Read the full article here