Skip to main content

Petya Is Not A Ransomware, It’s A “Wiper” — It’s Out To Destroy Your Data Forever

By

petya wiper not ransomware
Image: Comae
Petya malware, which is being seen as WannaCry’s obvious successor, isn’t a ransomware. It actually disguises itself as one to lure media coverage. Instead, it’s a wiper malware which destroys your data in such a manner that the possibilities of the
recovery of files are thin. Hence, even paying ransom won’t get your data back.
When security firms like Kaspersky, Symantec, and Avira reported about the Petya malware, they called it a ransomware. They had every reason to do so because of its activities like showing a ransom message which demanded $300 in Bitcoin. But, according to the latest development, it looks like this malware might not be a ransomware at all.
If you look at the definition of a ransomware–many of you would be already knowing that–it talks about a malware that holds your files for a ransom and unlocks them if you pay a hefty fee. On the contrary, Petya is a wiper–it doesn’t plan to give you the files back even if you pay the ransom.
The researchers from Comae Technologies and Kaspersky Lab have studied the malware deeply and independently arrived at the conclusion that Petya malware isn’t a ransomware, it’a wiper.

How is a ransomware different from a wiper? Is Petya wiper more dangerous?

As said above, a wiper isn’t interested in giving your data back, which is a totally different motive as compared to a ransomware. While a ransomware aims to make money, a wiper works with the aim of destruction in such a manner that the possibilities of the recovery of files in minimal.
This behavior is different from 2016 Petya malware where it was able to revert its changes. The 2017 Petya’s damage is irreversible, and it purposely overwrites the MBR section of the disk with the new bootloader.
petya wiper code not ransomware
Wiper code in Petya 2017 (Image: Comae)
Kaspersky Lab has said that Petya disguises itself as a ransomware and shows merely randomized data as the installation key. So, even the attacker can’t extract any decryption information from such data and the victim won’t be able to decrypt any disk using the key.
Moreover, the users infected with Petya wiper are shown an email address which was shut down by the email provider Posteo.
Comae has concluded that Petya pretends to be a ransomware to lure the media, which makes perfect sense after the amount of attention WannaCry got.
For further technical goodies, read these articles from Kaspersky and Comae.
Labels:

Comments

Post a Comment

Follow Us

WHAT'S HOT

Virtual and Augmented Reality: Transforming The Way We Look At The Internet and Data Security

By
Virtual and Augmented Reality have redefined every aspect of our modern world ranging from gaming, music, and pop culture, to business, human interaction, and development. However, ‘with great power comes great responsibility’. When it comes to a technology slowly becoming a part of some of our most sensitive aspects in our lives (finances, identity, and health), ensuring its safety is highly important. Despite this, many companies have certainly not done their part to ensure the better virtual reality security and, in turn,
1 comment
Continue Reading »

Twin sisters CONJOINED at abdomen, liver and umbilical cord die soon after birth (photo)

By
> The Siamese twins who were born in Zambia a few days ago passed away > They were joined at the chest > The babies shared one abdomen, liver and umbilical cord The conjoined twins who had been born at KITWE Central Hospital in Zambia a few days ago, have passed away. The Siamese girls were delivered by a 19-year-old woman. They were joined by the chest, sharing one abdomen, liver and umbilical cord.
1 comment
Continue Reading »

Which Is The Best Linux Distro For Beginners? — 2017 Edition

By
Are you looking for  a Linux distro that’s suitable for new users who are willing to start   an exciting Linux journey? Well, you’re at the right place. These days, Linux Mint is giving a tough competition to Ubuntu as it’s very beginner-friendly. Our other top recommendations are Zorin OS (which looks a lot like Windows operating system) and lightweight Linux Lite.
2 comments
Continue Reading »

Google’s Open Source DIY Kit Turns Your Raspberry Pi Into An AI Assistant

By
The latest edition of the MagPi magazine includes a DIY kit created by Google that can be used to create a custom Google Home device powered by Raspberry Pi. A user can take advantage of the Google Assistant SDK and Google Cloud Speech API to enable voice control in their projects.
Post a Comment
Continue Reading »