Quick Heal Security Labs has come across a new strain of Petya Ransomware that is affecting users globally. This clearly looks like early signs of a new ransomware attack that is spreading fast across the globe. Currently, we have seen multiple reports of this ransomware attack from several countries.
Our Analysis Shows
Petya delivery mechanism is by scam emails or phishing emails. Once the email attachment is executed on the computer it shows the prompt of User Access Control. However, after executing the program it encrypts the Master Boot Record (MBR) and replaces it with a custom boot loader with a code to encrypt the full disk starting with MFT (Master File Tree) and leaves a ransom note to users. Upon successfully encrypting the whole disk of the computer it shows below ransom prompt.
Are we (Quick Heal users) protected from this ransomware?
All Quick Heal users are protected from this ransomware infection where an exploit called EternalBlue targets the security vulnerability MS17-010. This is the same vulnerability which WannaCry Ransomware has been exploiting to spread. Quick Heal IDS successfully blocks Eternal Blue exploit attempts. Quick Heal’s Behavior Based Detection (BDS) also blocks and warns user of a potential attack under way. Just make sure all the security mechanism of Quick Heal are switched ON.
Quick Heal Security Labs is continuously monitoring the threat and working on releasing updates to protect the threat at different layers. So please keep your Quick Heal up-to-date with all the current updates that are regularly released.
Preventive steps and recommendations
If a threat is executed in my computer, can I still prevent my data?
If by mistake someone executes the threat on an unprotected computer by clicking on the link in the email and downloading the attachment, and if you see a BSOD (blue screen) that restarts your computer, you can still save your data by not restarting the computer. Just keep it switched off.
When you see the BSOD screen and the system re-starts only the MBR is replaced and your data on the disk is still intact and it can be accessed by mounting the hard disk on some other clean system. Make sure you do not boot the infected computer hard disk at that stage. Once mounted the data can be accessed and copied.
socially beneficial to the society
KEEP IT UP
plz update us regularly by describing the do’s and dont’s
I know only virus and some of its effects. Hence to give any remarks is avoided. However u r doing the best for us (Quick Heal .. users) Thanks a lot With regards.. M.K.
PL. FOLLOWS INSTRUCTION MADE BY QUICKHEAL TO WORK US SMOOTHLY.
Extremely Thanks For Suggesting…………
thanks for suggestion
His app is amazing
Thank you so Mach
VERY GOOD PROGRAMME
THANK YOU SIR.
Dear I want quick scan virus free
how do i update my quick heal total security
very nice antivirs
One of the best using the provide the quick heal anti &security guard for Mobail
Very Good Update Sir
Use QUICK HEAL TOTAL SECURITY for PC, LAPTOP, DESKTOP,TAB, MOBILE any of it’s kind.
Fruitful result obtained
good service & high version alert
Good anti virus
Nice service please update regularly
its good to work with quick heal
Quick Heal is better than best !
Very good service
Thanks good service
good service sar
I love it. Nice weekend in this thread for me.
Antivirus is very good
I am using quickheal since last 11 years , services and security is improving up to satisfaction level.
it was awesome and coool….i love it because its antitheft was nice because someone’s change my sim card its quickly block them.
Good service for Mobile security
Nice app….LIKED IT !