Petya Ransomware Attack: How it Works and How to Prevent It

Petya Ransomware: All You Need To Know


Petya is one of the biggest ransomware attacks in cybercrime history. Before going deeper into Petya, we have to understand what a ransomware attack is. A ransomware attack blocks access to the files and data stored on a computer and displays a message demanding payment using the details given; otherwise the data may be compromised or destroyed. It is a method widely used by cybercriminals. Many users have become victims because of a lack of knowledge.

What is Petya?

Petya is malware that was discovered in 2016 and affects Windows-based operating systems. It rewrites the Master Boot Record (MBR) and prevents access to the files on the hard drive. It does not encrypt files one at a time; it encrypts the whole hard drive and demands a ransom for the decryption key. The payment method is Bitcoin. The infected system's screen displays the ransom message.
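Because Petya rewrites the MBR, one defensive check is to compare a disk's first sector against a copy saved while the machine was known to be clean. The Python below is an added example, not part of the original article; the function names and the sample sectors are constructed for illustration, and it relies only on the standard 512-byte MBR layout.

```python
import hashlib
import struct

SECTOR_SIZE, BOOT_CODE_LEN = 512, 446  # bootstrap code is bytes 0..445
BOOT_SIG = b"\x55\xaa"                 # boot signature at bytes 510..511
ENTRY = "<B3xB3xII"  # status, CHS (skipped), type, CHS (skipped), LBA start, sectors


def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into boot-code hash, partition list and signature flag."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    parts = []
    for i in range(4):  # four 16-byte partition entries follow the boot code
        off = BOOT_CODE_LEN + 16 * i
        status, ptype, lba, count = struct.unpack(ENTRY, sector[off:off + 16])
        if ptype != 0:  # partition type 0 marks an unused slot
            parts.append({"bootable": status == 0x80, "type": ptype,
                          "lba_start": lba, "sectors": count})
    return {"boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": parts,
            "signature_ok": sector[510:512] == BOOT_SIG}


def compare_mbr(baseline: bytes, current: bytes) -> list:
    """Return findings; an empty list means the current MBR matches the baseline."""
    base, cur = parse_mbr(baseline), parse_mbr(current)
    findings = []
    if not cur["signature_ok"]:
        findings.append("boot signature 0x55AA missing")
    if cur["boot_code_sha256"] != base["boot_code_sha256"]:
        findings.append("bootstrap code differs from baseline")
    if cur["partitions"] != base["partitions"]:
        findings.append("partition table differs from baseline")
    return findings


def make_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed sample sector: one bootable type-0x07 partition at LBA 2048."""
    entry = struct.pack(ENTRY, 0x80, 0x07, 2048, 204800)
    return boot_code.ljust(BOOT_CODE_LEN, b"\x00") + entry + bytes(48) + BOOT_SIG


if __name__ == "__main__":
    good = make_sample_mbr(b"\xeb\x3c\x90 constructed baseline loader")
    changed = make_sample_mbr(b"\xfa\x66 constructed replacement loader")
    print(compare_mbr(good, good))
    print(compare_mbr(good, changed))
```

On a real machine the 512 bytes would come from reading the start of the raw disk device with administrator rights, and the baseline copy should be stored off the host.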

Later, in 2017, another version of Petya named NotPetya was discovered, and this was the one that caused a lot of damage. It affected systems all over the world but targeted Ukraine. It was estimated to have caused damage of around $110 billion. When a system is infected, it shows the user that the 'file system is repairing', but in fact it is executing its files, and then after a reboot a message is displayed in which a ransom is demanded. The payment method accepted by the attackers is Bitcoin.

How to remove Petya from the system?

The only method is to pay the attackers and get the decryption key, or otherwise to restore the system. The only way to avoid this is not to click on malicious links or download files from unknown sources.