Microsoft: Petya is more sophisticated than typical ransomware

A worldwide ransomware attack — spread by a variant reportedly called "Petya" — infected computer systems in more than 60 countries June 27.

Microsoft officials published a blog post on the Microsoft Malware Protection Center website June 27. Based on a Microsoft investigation of the global ransomware infection, the officials confirmed Petya is a new variant of an older strain of ransomware called "Ransom:Win32/Petya."

Unlike the older strain, the Petya malware that infected computer systems June 27 has worm capabilities, which enables it to move "laterally across infected networks." This update means once the ransomware infects a single machine, it will continue to infect the entire computer network.

There are three key ways Petya moves laterally through a system. The ransomware variant may steal users' credentials and existing active sessions; use file shares to transfer malicious code across machines; or execute ransomware payloads with functions on unpatched machines.

Click here to view the blog post.

More articles on health IT:
Global ransomware 'Petya' hits Merck, Pennsylvania health system: 5 things to know
Are female-led US tech startups more likely to hire women? 3 survey insights
Viewpoint: IBM Watson 'choking on its own hype' in healthcare

© Copyright ASC COMMUNICATIONS 2017. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Top 40 Articles from the Past 6 Months