What is ransomware?

Ransomware is a type of malware or virus that blocks the access of the user from the data or files of the computer and demands money to provide the access.

How does a ransomware work?

When a computer is detected with the virus, it targets the most important files and documents of the computer and demands ransom money for it. If the user has a backup then he doesn’t have to get that much worried but if he doesn’t have a backup either he has to pay the ransom money or he has to suffer the loss of important data and files.

What is Petya ransomware and how does it work?

Petya Ransomware is a new type of ransomware which has emerged in the year of 2016. Petya ransomware is different and dangerous from other ransomware. Rather than just stopping the access to some files it blocks the access to the whole hard drive by encrypting the computer’s master file that is MFT. The file system totally becomes unreadable and windows don’t boot at all. Just like the other ransomware it demands money in the form of bitcoin that is $300. It spreads easily from one computer to another, especially in an organization or department. The malware is so strong that it tries one option and if that fails, it tries another option. It spreads faster than the malware called Wannacry.

How does Petya originate?

At this time, nobody actually knows where this malware actually came from. There are many companies all over the world are affected by it like India, USA, and Russia etc. Right now the exact geographical location of the origin of this malware is not possible to be detected.

What is Petya targeting?

The most important target of Petya is big companies and organizations. It targeted HR departments and agencies by sending them emails that contained Dropbox download link. The links contain an .exe file that accesses the computer of the victim and claims that they will only release the access when the ransom money is paid. There are many countries which are affected by the attack of this malware. The most affected country was Ukraine, the National Bank of Ukraine, the Kiev metro and it many airports profile systems. Many multinational companies are also affected including Maersk, Mondelez, Nivea, and WPP.

How is Petya recognized?

Petya can be recognized when the user clicks on the .exe file. He gets a clue that something is wrong by the window’s “Blue death screen”. Then a skull appears with a red background. Another screen appears that gives the message of the demand of money in the form of bitcoins in return for the access to the files of the computer.

How to avoid the ransomware?

Once your files get encrypted by the malware, you can do nothing about it. There is one option that lefts after the malware attack that is paying the attacker. But what’s the guarantee that he will allow you the access even after getting the money. He could just take the money and disappear. So for this, it is your duty to avoid the malware. There are 3 ways to avoid the ransomware:

  1. Discover the origin:

The malware enters through an email. It looks totally harmless until it enters the computer. Companies and organizations must protect its computers from these kinds of emails.

  1. Understand the behavior:

Only focusing on the content of the malicious material is not appropriate. The companies should look for the vital clues of where the infection is actually coming rather than just focusing on what it is.

  1. Block the infection:

Mostly the virus containing content is sent from the same IP addresses with a little bit of change. The company should automatically block the connection to the known malicious IP addresses in order to avoid the malware as much as possible.

How to defend you PC against it?

The best way to defend your PC against the malware is to install and download a good antivirus. The reason of using an antivirus is that it is very effective and it does work on its own. “Avast Antivirus” is one of the best antiviruses to detect and remove the malware. If your computer gets the defected with the ransomware, avast will detect it, quarantine and destroy it. If avast detects that Petya is trying to enter the PC, it blocks it.

Why is Avast the best?

  • Trusted by almost 400 million people all over the world
  • It has the lowest impact on the performance of your PC
  • Rated “Excellent” by experts
  • Best features- home network protection, unbreakable password security and clean browsing etc.

Unfortunately, there is no antivirus that can work on files been encrypted by the malware. All you can do is to protect your PC as much as possible. Avoid open files received in attachments from unknown senders is the first step to keep in mind to avoid loss of data.