Many firms, including Symantec, have suggested the ransomware is a variant of Petya, a known ransomware. But according to security firm Kaspersky Lab, preliminary findings indicate the attacks are from a new ransomware that it's now calling "ExPetr."
Either way, researchers say Tuesday's attacks use a Windows flaw called EternalBlue to spread through corporate networks. WannaCry also leveraged the EternalBlue exploit, which was leaked as part of a trove of hacking tools believed to belong to the NSA. Microsoft issued patches for the exploits in March.
Bitdefender has identified a massive ransomware campaign that is currently unfolding worldwide. Preliminary information shows that the malware sample responsible for the infection is an almost identical clone of the GoldenEye ransomware family. At the time of writing this there is no information about the propagation vector, but we presume it to be carried by a wormable component.
From the link above.
Posted by Hackoo
Unlike most ransomware, the new GoldenEye variant has two layers of encryption: one that individually encrypts target files on the computer and another one that encrypts NTFS structures. This approach prevents victims' computers from being booted up in a live OS environment and retrieving stored information or samples.
Ymeraj is among 36 people who have been indicted in the U.S. for allegedly being part of the Infraud Organization. The U.S. Justice Department alleges the organization was an online forum where stolen credit card numbers, bank account data and other personal information were sold and purchased.
Please tell me it is not true. :'(