DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
June 21, 2018 
Main Menu
News archives

Who's Online
There are currently 214 people online.


Latest Reviews
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller

Follow us

NotPetya outbreak was designed to permanently destroy data

Posted on Thursday, June 29 2017 @ 11:24:39 CEST by

Earlier this week computer systems around the world were hit by a piece of ransomware that appeared to be a new version of the Petya ransomware that first made the rounds in early 2016. However, security researchers discovered that this week's attack was not ransomware at all as it was not designed to make money.

There was a superficial resemblance to Petya but the real goal of Tuesday's attack was to spread fast and cause a lot of damage by permanently deleting data. Paying the Bitcoin ransom is pointless because there is no way to restore the data, the attack is a wiper. Most of the damage seems to have been caused in Ukraine.
We believe the ransomware was in fact a lure to control the media narrative, especially after the WannaCry incidents to attract the attention on some mysterious hacker group rather than a national state attacker like we have seen in the past in cases that involved wipers such as Shamoon.


The fact of pretending to be a ransomware while being in fact a nation state attack?—?especially since WannaCry proved that widely spread ransomware aren’t financially profitable?—?is in our opinion a very subtle way from the attacker to control the narrative of the attack.
ARS Technica notes the attack incorporated two exploits stolen from the NSA. Fully patched Windows systems are not vulnerable to the automatic attack.
In almost all other aspects, Tuesday's malware was impressive. It used two exploits developed by and later stolen from the National Security Agency. It combined those exploits with custom code that stole network credentials so the malware could infect fully patched Windows computers. And it was seeded by compromising the update mechanism for M.E.Doc, a tax-filing application that is almost mandatory for companies that do business in Ukraine. The shortcomings in the ransomware functions aren't likely to be mistakes, considering the overall quality of the malware.



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2018 DM Media Group bvba