• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
    • Malware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
  • ChatGPT
    • Does ChatGPT Save Data?
AskCyber Home » News » Malware » NotPetya: A Sabotage Program In Malware’s Clothing

NotPetya: A Sabotage Program In Malware’s Clothing

2017-06-30 by Max

NotPetya: A Sabotage Program In Malware’s Clothing

The NotPetya/GoldenEye virus that has been running rampant in the past few days is not really a malware program. Multiple firms and hacktivist groups have spent hundreds of hours analyzing its code, and it would appear that NotPetya isn’t as benign as it seemed. Any computer infected with NotPetya is unsalvageable, as there is currently no way to decrypt an infected system. The malicious part is that the creators of NotPetya can’t decrypt your lost files either.

The code for NotPetya produces a random string of code that it claims is your “Personal Installation Key.” The code behind this generation has been broken and studied, allowing for researchers to produce their own keys. In a test environment, they infected a system and then used the key to develop the decryption key. The key was useless, as it failed to decrypt any data at all. On further analysis, it was revealed that the Personal Installation Key, which should be similar to the encryption used, had no relation to it at all. This means that even if you paid the ransom to get your files decrypted, you would end up poorer and with a useless computer.

There is currently only one way to recover your files from an infected computer, and that is to turn the machine off as soon as you see the notice that your files need to be checked. This “check” is actually NotPetya starting up, and once you interact with the prompt or a short time after it appears your files will begin to encrypt. You should immediately turn off your computer and remove the power supply, this will stop NotPetya from encrypting your files. If you start your device back up however the encryption process will begin again. Instead, connect an external hard drive and a second computer to the infected machine. From there you can transfer your files to it, and they should be unencrypted still.

The fact that the files are unrecoverable implies that there was a far more sinister motive behind the release of NotPetya. Ransomware is fundamentally motivated by money, it’s a tool for the creator to bring in funds. Sabotageware is just destructive, it doesn’t exist to do anything other than to break systems. There is a real danger of this program destroying something critical before it can be stopped. If a control computer for major infrastructure projects or facilities were to be infected the damage could be catastrophic. Millions of records could be lost irrevocably, or control of vales and safety devices could be removed.

Cyberattacks like NotPetya are part of a growing trend of destructive attacks. Cyberattacks since the beginning of 2017 have stepped up their reach, potency and destructive potential. A major, worldwide cyberattack has occurred twice already. In both cases, these programs were based off older attack programs as well, and they utilized known vulnerabilities in older operating systems. While major companies such as Microsoft have pushed out security updates to patch this weakness, they are purely proactive. They can only respond to threats and very rarely will these patches eliminate the threat of a new attack. The key to defending against these kinds of attacks is to keep your system and antivirus software up to date, as well as not opening any suspicious emails.

Filed Under: Malware Tagged With: hacker

About Max

Max is a Data Privacy Coordinator at a major global law firm and a science fiction author residing in the Philadelphia area. He has been writing for https://www.askcybersecurity.com since early 2017.


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

Categories

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Security Marketing Manager – Remote

Sr. Associate, Cybersecurity Architect – Pfizer

Strategic Customer Success Manager – Cybersecurity – Opportunity for Working Remotely

Top 20 Passwords Leaked on Dark Web

ISU Cybersecurity Leader Job Opening

Cyber Security News

Top 20 Passwords Leaked on Dark Web

… [Read More...] about Top 20 Passwords Leaked on Dark Web

Apple Warns of Actively Exploited Zero-Day Flaw

… [Read More...] about Apple Warns of Actively Exploited Zero-Day Flaw

IRS Stops Facial Recognition System for Online Access

… [Read More...] about IRS Stops Facial Recognition System for Online Access

National Cybersecurity Alliance Announces Data Privacy Week

… [Read More...] about National Cybersecurity Alliance Announces Data Privacy Week

More Cyber Security News

Tags

amazon Android Apple bitcoin China chrome CISA credit card DarkSide DHS DOJ Equifax Europe Facebook facial recognition FBI Firefox FTC games GDPR Google Government hacker identity theft India iPhone Iran IRS LinkedIn Microsoft North Korea PayPal phishing phishing email ransomware REvil Russia smartphone T-Mobile TikTok tutorial VPN WhatsApp WiFi Windows

Government

CBP Looks to Access Airline Passenger Data

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2023 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version