
FRS Pros Blog

New Ransomware Presents Users With 2 Equally-Terrible Options


The Petya ransomware, a particularly vicious monster of a threat, has reared its ugly head once again, only this time, it’s not alone. Petya now comes bundled together with Mischa, yet another ransomware that works well alongside Petya. The ransomware is delivered via an inconspicuous email disguised as a job application, with a resume attached. Once the user downloads the file, Petya encrypts the files located on the device.

The original version of Petya had a signature attack that struck the master boot record, restricting access to it until a ransom was paid through a dark web payment portal. Of course, there was no guarantee that paying up would resolve the problem, so it was entirely possible that the ransomware could add insult to injury and not decrypt the files at all. Thankfully, Petya had a weakness, and professionals were able to exploit it and find a fix for the ransomware.

Not this time, though. Petya comes with Mischa, which is a more traditional ransomware that can be just as dangerous as its counterpart. Mischa blocks access to files until the user pays a ransom. The ransomware will then link to a Tor payment site that allows the user to pay up and decrypt their files. Mischa encrypts executable files, while leaving the Windows and browser folders untouched, which provides access to files containing payment instructions for the user.

Here’s the problem with this development. Petya could previously be prevented by refusing administrator access upon downloading the installer. Now, selecting “yes” will download Petya, while selecting “no” will install Mischa. Either way, you get a slap in the face.

Mischa’s payment site works in largely the same way as Petya’s. Once you input the authorization code provided by the ransomware, you need to purchase enough Bitcoins to pay for the ransom. The current exchange rate is approximately $875 per Bitcoin, so you might be shelling out some heavy-duty cash for this. Once the user has purchased enough Bitcoins, the malware will then provide the Bitcoin address where it must be sent.

Though researchers managed to find a way around Petya, no such workaround has been found for Mischa. This is a recurring theme for ransomware, which is often so difficult to remove that it forces large enterprises to either restore a backup of their data or pay the ransom, rather than lose access to their files completely. As with all cases of malware, we urge you to do your research, and contact FRS Pros at 561-795-2000 before caving in to hackers’ demands.

As with all threats that work, Petya and Mischa have plenty of copycats out there that attempt to replicate their success. Malwarebytes has identified another two-in-one ransomware called Satana that functions in a similar way, locking the master boot record and the complete file record. In comparison to Petya and Mischa, however, Satana will run both types of ransomware, rather than just install one or the other.

Malwarebytes reports that Satana is still in development and has flaws that can be exploited, but the thought of malware continuing to develop in this sense is a bit unnerving, especially for business owners who may not devote enough time and resources to security solutions. If your business is unsure of whether you can handle a ransomware infection, reach out to us at 561-795-2000.
