PetrWrap, what you need to know

Before you go ahead into the article to read in more detail, make sure to not open emails or email attachments from people you don’t know! Again, do not open emails or email attachments that look odd! That’s it.

Windows computers around the world are locking up and displaying a black and red message that as seen in the featured image, which shows that they have been infected by a major ransomware attack.

PetrWrap, is a new ransomware tool built from the bones of Petya, which held users’ files for “ransom” and demanded usually egregious payment in exchange for the encryption key earlier this spring. Without getting too deep in the weeds, PetrWrap is essentially a revision of this method that subverts protections put in place following Petya’s outbreak.

BBC says that that PetrWrap ransomware has already infected computers within some major national infrastructures and some of the world’s largest institutions. Namely, the Ukranian power company, its central bank and Kiev’s main airport have suffered attacks from the ransomware. Other victims include the Chernobyl nuclear power plant, Danish shipping company Maersk as well as victims in the US, including pharmaceutical firm Merck and the US offices of a law firm known as DLA Piper, The Verge reports.

Similar to Wannacry

PetrWrap uses the same EternalBlue exploit employed by WannaCry earlier this spring to spread, targeting Windows computers’ SMB file-sharing system and believed to have been developed by the National Security Administration, or NSA, in the US.

Even if users were to pay up – and this is something not recommended – the hackers behind PetrWrap will have lost access to the email account through which it was sending out encryption keys.


How to protect yourself

  • Update your system daily
  • Activate and update Windows Defender
  • Consider a second anti-virus
  • Don’t open emails or email attachments from people you don’t know
  • Don’t open emails or email attachments that look odd