• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
    • Malware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
AskCyber Home » News » Malware » NotPetya: A Sabotage Program In Malware’s Clothing

NotPetya: A Sabotage Program In Malware’s Clothing

2017-06-30 by Max

NotPetya: A Sabotage Program In Malware’s Clothing

The NotPetya/GoldenEye virus that has been running rampant in the past few days is not really a malware program. Multiple firms and hacktivist groups have spent hundreds of hours analyzing its code, and it would appear that NotPetya isn’t as benign as it seemed. Any computer infected with NotPetya is unsalvageable, as there is currently no way to decrypt an infected system. The malicious part is that the creators of NotPetya can’t decrypt your lost files either.

The code for NotPetya produces a random string of code that it claims is your “Personal Installation Key.” The code behind this generation has been broken and studied, allowing for researchers to produce their own keys. In a test environment, they infected a system and then used the key to develop the decryption key. The key was useless, as it failed to decrypt any data at all. On further analysis, it was revealed that the Personal Installation Key, which should be similar to the encryption used, had no relation to it at all. This means that even if you paid the ransom to get your files decrypted, you would end up poorer and with a useless computer.

There is currently only one way to recover your files from an infected computer, and that is to turn the machine off as soon as you see the notice that your files need to be checked. This “check” is actually NotPetya starting up, and once you interact with the prompt or a short time after it appears your files will begin to encrypt. You should immediately turn off your computer and remove the power supply, this will stop NotPetya from encrypting your files. If you start your device back up however the encryption process will begin again. Instead, connect an external hard drive and a second computer to the infected machine. From there you can transfer your files to it, and they should be unencrypted still.

The fact that the files are unrecoverable implies that there was a far more sinister motive behind the release of NotPetya. Ransomware is fundamentally motivated by money, it’s a tool for the creator to bring in funds. Sabotageware is just destructive, it doesn’t exist to do anything other than to break systems. There is a real danger of this program destroying something critical before it can be stopped. If a control computer for major infrastructure projects or facilities were to be infected the damage could be catastrophic. Millions of records could be lost irrevocably, or control of vales and safety devices could be removed.

Cyberattacks like NotPetya are part of a growing trend of destructive attacks. Cyberattacks since the beginning of 2017 have stepped up their reach, potency and destructive potential. A major, worldwide cyberattack has occurred twice already. In both cases, these programs were based off older attack programs as well, and they utilized known vulnerabilities in older operating systems. While major companies such as Microsoft have pushed out security updates to patch this weakness, they are purely proactive. They can only respond to threats and very rarely will these patches eliminate the threat of a new attack. The key to defending against these kinds of attacks is to keep your system and antivirus software up to date, as well as not opening any suspicious emails.

Filed Under: Malware Tagged With: hacker

About Max

Max is a Data Privacy Coordinator at a major global law firm and a science fiction author residing in the Philadelphia area. He has been writing for https://www.askcybersecurity.com since early 2017.


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

Categories

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Israel’s Pfizer Deal Causes Data Privacy Concerns

20 Online Courses for a Successful Career in Cyber Security in 2021

Cyber Security Governance & Customer Trust Senior Analyst

COVID Vaccine Passports: Saturday Sitrep

Microsoft Simulator Brings Gaming Elements to Cybersecurity

IPVanish

IPVanish VPN

Cyber Security News

Dark Web Breach Leaks 600K Stolen Payment Cards

… [Read More...] about Dark Web Breach Leaks 600K Stolen Payment Cards

LinkedIn Data Leak Exposes Millions of Users

… [Read More...] about LinkedIn Data Leak Exposes Millions of Users

Facebook Responds to Data Leak

… [Read More...] about Facebook Responds to Data Leak

Facebook Breach – Hacker Dumps Millions of User Data on Public Forum

… [Read More...] about Facebook Breach – Hacker Dumps Millions of User Data on Public Forum

More Cyber Security News

Tags

amazon Android Apple bitcoin China chrome CISA credit card Cyber Attack DHS Equifax Europe Facebook facial recognition FBI Firefox FTC games GDPR Google Government hacker identity theft India iPhone Iran IRS LinkedIn Microsoft North Korea PayPal phishing phishing email ransomware Romance Scam Russia smartphone SolarWinds tax scam TikTok tutorial VPN WhatsApp WiFi Windows

Government

CBP Looks to Access Airline Passenger Data

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2021 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version