New ransomware, Petwrap, hits India, other countries; Indian shipping hub impacted

Share

Ukraine's central bank was the first to report the cyber attack, saying state and private firms were crippled, as well as government ministries and radiation monitoring at the Chernobyl nuclear facility.

This ransomware was much more advanced than WannaCry, according to Craig Williams, senior tech lead and security outreach manager at Cisco Talos.

The pharmaceutical giant Merck on Twitter said, "our company's computer network was compromised today as part of global hack".

The attacks started Tuesday at around 2:00 pm Kiev time (1100 GMT) and quickly spread to 80 companies in Ukraine and Russian Federation, said cybersecurity company Group IB.

Euro Boosted by Draghi Comments
Volatility in U.S. equities rose the highest in six weeks as investors digested recent economic data and central bank verbiage. The European currency traded 0.1 percent up at 1.1346, having touched a high of 1.1355 earlier, its highest since August 23.

Like WannaCry, the new ransomware attack uses the EternalBlue tool to spread.

As problems were being reported in Ukraine, the Maersk shipping company, based in Denmark, confirmed that its "IT systems are down across multiple sites and business units due to a cyber attack".

Some technology experts said the attack appeared consistent with an "updated variant" of a virus known as Petya or Petrwrap, a ransomware that locks computer files and forces users to pay a designated sum to regain access.

"Petya spread via email spam with booby-trap@kkped (Microsoft) Office documents.The documents, once opened, will download and run the Petya installer and execute the Server Message Block (SMB) worm to spread to other computers", SingCERT said. It included code "Eternal Blue, ' Cyber security experts stolen from the US National Security Agency". Juniper Networks said in a blog post analyzing the attack, when compared to the traditional strains of ransomware, the attack could be more unsafe, because it makes computers unresponsive and unable to reboot. However, both the countries denied charges that they are involved in hacking.

New cyberattack wallops Europe; spreads more slowly in US
A Home Credit employee told Reuters on Tuesday the bank had closed all of its Russian branches because of the cyber attack. FILE - In this in this January 1, 2008 file photo a flag files over the headquarters of shipping company A.P.

WPP said in a statement that the computer systems at several of its subsidiary companies had been affected, adding that it was "assessing the situation and taking appropriate measures".

Cybereason principal security researcher Amit Serper said the "vaccine" works on Microsoft's Windows operating system.

Russian Federation and Ukraine were most affected, with other victims spread across countries including Britain, France, Germany, Italy, Poland and the United States, the security software maker said.

As of right now, it is unclear who is behind this attack. Following the other countries, the Indian companies have also been affected and one of the few companies are JNPT (Jawaharlal Nehru Port) in Maharashtra.

'Paddington Bear' Creator Michael Bond Dies At 91
Bond said a sense of vulnerability "was an important part of Paddington's persona" and a reason why children were drawn to him. He was as kindly, dignified, charming and lovable as the immortal Paddington Bear he gave us".

Share