Israeli Comes up with fix to inoculate against Ransomeware Virus

Credit Israeli cyber sleuths for coming up with a quick fix to protect network operating software against intrusion by Ransonware. Take that Symantec and Kaspersky labs.

Note this Jewish Press.com/Ha’aretz report.

Amit Serfer, an Israeli researcher at Siibrizn Labs, discovered a method to block attacks of the Petya ransomware program that on Tuesday hit thousands of computers around the world, including in Israel, Ha’aretz reported on Wednesday.

Tuesday’s second major global ransomware attack in as many months crippled and held for ransom the computers of major firms including British multinational advertising and public relations company WPP, food company Mondelez, legal firm DLA Piper and Danish shipping and transport firm Maersk.

Researchers have reported that Petya not only encrypts specific files, but also encapsulates the computer boot sector (MBR), the part of the hard disk that’s loaded first when the computer is started. It includes information on the hard disk structure and is used to load the operating system.

Serfer discovered a way to prevent Petya from turning on and multiplying itself. “When the malicious software starts working, it checks whether in the past it ran the files, so as not to encrypt them twice,” he told Ha’aretz. “It looks for the name of the file without an extension in a Windows folder that turned it on (C:\windows\perfc).”

According to Serfer, if Petya finds the file, it concludes the computer has already been attacked and does not activate the encryption function.Credit Israeli cyber sleuths for coming up with a quick fix to protect network operating software against intrusion by Ransonware. Take that Symantec and Kaspersky labs.

Note this Jewish Press.com/Ha’aretz report.

Amit Serfer, an Israeli researcher at Siibrizn Labs, discovered a method to block attacks of the Petya ransomware program that on Tuesday hit thousands of computers around the world, including in Israel, Ha’aretz reported on Wednesday.

Tuesday’s second major global ransomware attack in as many months crippled and held for ransom the computers of major firms including British multinational advertising and public relations company WPP, food company Mondelez, legal firm DLA Piper and Danish shipping and transport firm Maersk.
Advertisement

Researchers have reported that Petya not only encrypts specific files, but also encapsulates the computer boot sector (MBR), the part of the hard disk that’s loaded first when the computer is started. It includes information on the hard disk structure and is used to load the operating system.

Serfer discovered a way to prevent Petya from turning on and multiplying itself. “When the malicious software starts working, it checks whether in the past it ran the files, so as not to encrypt them twice,” he told Ha’aretz. “It looks for the name of the file without an extension in a Windows folder that turned it on (C:\windows\perfc).”

According to Serfer, if Petya finds the file, it concludes the computer has already been attacked and does not activate the encryption function.

Serfer sees his solution as an inoculation against the invading virus.

JEWISHPRESS.COM
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *