News Categories

Acronis identifies Petya/NotPetya as 'wiper-ware'

By Chong Jinn Wei - on 16 Jul 2017, 10:53am

Acronis identifies Petya/NotPetya as 'wiper-ware'

Image source: Acronis.

Acronis recently discovered the true nature of the Petya/NotPetya malware that was wrecking havoc during the June ransomware epidemic, which turned out to be a dangerous wiper-ware instead.

Many observers thought that Petya/NotPetya was a new type of ransomware as it shares a similar coding and demands victims to pay a certain amount (in this case, US$300 (~RM1,288) in Bitcoin) in exchange for an unlock key. However, the reality of the situation was hopeless from the start; Petya/NotPetya being a wiper has already destroyed the data. Even if victims were to pay the ransom, they will never get their data back.

“The attacker took an existing ransomware which he repackaged. We believe the ransomware was in fact a lure to control the media narrative, especially after the WannaCry incidents, to attract the attention on some mysterious hacker group rather than a national state attacker like we have seen in the past in cases that involved wipers,” said Matt Suiche, Founder, Comae Technologies.

While ransomware is targeted at making money, a wiper-ware like Petya/NotPetya simply wants to destroy data.

According to Acronis, whether you are affected by a wiper or ransomware, your data is probably gone. The only way to protect your data is to have strong and regular backups of your data. Products like Acronis Backup 12.5 or Acronis True Image secure your data from damage or encryption. In addition, Acronis Active Protection is designed to use in-depth analysis, machine learning and artificial intelligence to defend against ransomware and similar cyber attacks.