Petya Ransomware Attack: How it Works and How to Prevent It
Petya Ransomware:All You Need To Know
What is Petya?
Petya is a malware that was founded in 2016 and affected Windows-based operating systems. It basically re-writes the Master Boot Record(MBR) and prevents access to files on the hard drive. It does not encrypt a single file, it encrypts the whole hard drive and demands ransomware for the decrypt key. The payment method is Bitcoin. The infected system screen displays the message as shown in the image
Later in 2017 another version of Petys named as NotPetya was founded and this was the one that caused a lot of damage. It affected the systems all over the world but targeted Ukraine. It was estimated that it caused damage of around $110 billion. When a system is affected by it shows the user that the 'file system is repairing' but in fact, it is executing its files and then after a reboot, a message is displayed in which ransom is demanded. The payment method accepted by cyber attackers is bitcoin.
How to remove Petya from the system?
The only method is providing money to the attackers and getting the decrypt key or otherwise restoring the system. The only way to avoid this is not to click on malicious links or download files from unknown sources.