Ransomware Petya brings a backup buddy to the party

by Radu Tyrsina

Petya is a nasty piece of ransomware that has been infecting computers for quite some time. Surprisingly, this little problem has grown a lot due to it now bringing a friend along for the ride.

For those who are not aware, Petya encrypts your files and holds them hostage. In order for users to regain control of their files, they must pay up in Bitcoins, and if they do not have access to Bitcoins, well, they’ll need to kiss their files goodbye or find a way to get around Petya.

Additionally, the ransomware also manipulates the system’s booting process. This makes it difficult for victims to operate their computers, and as such, many have decided to pay up if they have access to Bitcoins. Clearly, the Petya ransomware is a nasty piece of work, and for now, there’s no permanent fix.

Now, folks should realize that Petya is unable to activate on a computer unless it is given administrator rights. Should the computer user reject the administrator prompt, Petya will be terminated, and this is something that didn’t sit well with the developers.

A recent version of Petya brings to the table a new friend that goes by the name Mischa. This particular malware acts as a backup plan just in case Petya fails. “Unlike Petya, the Mischa Ransomware is your standard garden variety ransomware that encrypts your files and then demands a ransom payment to get the decryption key,” according to Lawrence Abrams, founder of BleepingComputer.com.

Keep in mind that Petya and Mischa are delivered via emails masked as job applications. The gullible user will then be led to cloud storage, where they will be asked to download a file with a name similar to “PDFBewerbungsmappe.exe.”

Here’s the thing: the icon of this file will resemble that of a PDF file, so bear this in mind before downloading and/or installing. If you have problems identifying ransomware, this can be done by using an interesting free tool.
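Since the icon and name cannot be trusted, a download can be checked by its leading bytes instead. The following is an added example, not code from the article or from any tool it mentions; the function names and the sample bytes are constructed for illustration.

```python
import struct

def is_pe(data: bytes) -> bool:
    """True if data has a DOS 'MZ' header whose e_lfanew field points at a PE signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # offset of the PE header
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"

def is_pdf(data: bytes) -> bool:
    """PDF readers look for the '%PDF-' marker near the start of the file."""
    return b"%PDF-" in data[:1024]

def triage(filename: str, data: bytes) -> str:
    """Compare what the file name suggests with what the bytes actually are."""
    claims_pdf = "pdf" in filename.lower()
    if is_pe(data):
        # A Windows executable whose name advertises a PDF is the lure described above.
        return "executable-posing-as-pdf" if claims_pdf else "executable"
    if is_pdf(data):
        return "pdf"
    return "unknown"

def make_pe_stub() -> bytes:
    """Constructed sample: bare MZ/PE header bytes, not a working program."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # PE signature follows the DOS header
    return bytes(dos) + b"PE\x00\x00" + bytes(20)

# Constructed inputs: the file name from the article plus two harmless controls.
SAMPLES = {
    "PDFBewerbungsmappe.exe": make_pe_stub(),
    "application.pdf": b"%PDF-1.4\n% constructed sample\n",
    "notes.txt": b"plain text, constructed sample",
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(f"{name}: {triage(name, blob)}")
```

The same check applies when the extension itself is hidden by the file manager, because it never consults the extension at all.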
