|

Protect Yourself from Petya Ransomware

BySeamrog Tech
Petya Ransomware Screenshot
Petya Ransomware Screenshot

As you may have heard in the news, there is yet another major cyber attack sweeping the internet. On July 27, 2017, reports began in Europe of a major ransomware infection. This virus, which appears to operate in a similar way to the WannaCry ransomware, seems to have originated somewhere in Ukraine and has since spread to dozens of countries, including the United States. This ransomware – which people are calling Petya, NotPetya, Petna, and ExPetr – encrypts a computer’s data and demands payment for a decryption key, usually in the form of Bitcoins. This attack poses a major risk to businesses and individuals alike. While there is no foolproof protection, there are ways you can greatly reduce your risk of infection.

Keep Your Data Secure

  • If you are currently a Managed IT client at Seamrog, don’t worry; we have already protected you.  And if you’re not, call to find out how you could be!
  • We have also released a “vaccination” script (below), which is available to everyone, not just our customers.
  • Make sure you are up to date.
    • Most major security software providers have released updated protection measures to resist these attacks.
    • Update your Windows operating system!  Microsoft released an update 2 months ago that covers the vulnerability that this virus uses.
  • Make sure your data is backed up, either in the cloud or on an unconnected external data storage device.

 If you’re not sure that you’re protected, please don’t hesitate. Email us at help@seamrogtech.com or call 717-831-8324.

What To Do if You Get Infected

If your computer is infected, follow these steps carefully.

  • Do NOT restart your computer.
  • Do NOT try to pay to have your data decrypted. The email address being used by the attackers has been shut down. Even if you pay them, they have no way to give you your decryption key.
  • Contact us immediately.

In the end, you are the last line of defense against these attacks. Common sense is your best friend. Avoid clicking suspicious links. Be wary of emails asking for personal information or telling you to install programs on your computer. Keep secure backups of your data, and attacks like this will pose little threat to you.

Downoad our pre-made batch file (all you need to do is unzip and run it),  or use following text in your own batch file

  1. Open Notepad
  2. Copy and paste the text below
  3. File –> Save As vaccinate.bat
  4. Run the new vaccinate.bat file as administrator.

echo Vaccination > %windir%\perfc
echo Vaccination > %windir%\perfc.dll
echo Vaccination > %windir%\perfc.dat
echo Vaccination > c:\windows\perfc
echo Vaccination > c:\windows\perfc.dll
echo Vaccination > c:\windows\perfc.dat
attrib +R %windir%\perfc
attrib +R %windir%\perfc.dll
attrib +R %windir%\perfc.dat
attrib +R c:\windows\perfc
attrib +R c:\windows\perfc.dll
attrib +R c:\windows\perfc.dat

 

Similar Posts