The culprit of cyberseconds of more than 2,000 computers is a variant of a computer virus called Petya, known Petwarap. The ransomware has been propagated in a similar way to WannaCry virus guilty of the first wave of cyber attacks.
According to ABC.es, the virus takes advantage of the same vulnerability of Microsoft as in the first global cyber attack, so the systems that did not install the company’s security update are some of those affected.
The attack has also affected teams that had installed the security patch, which ransomware has entered “robbing crecendiales and propagating through the internal network, although patched, it is as if the administrator installed a program,” says ABC Vicente Díaz, the senior analyst at Kaspersky Lab.
The National Cryptological Center has advised extreme caution with unknown emails, because it is thought that in updated Windows computers has entered through an email with a malicious file.
It is a variant of Petya, because until a year ago ransomware attacked through an email with a malicious file. For distribution uses methods similar to WannaCry, including a propagation tool that stole the National Security Agency (NSA) and hung on the dark net Tor network: EternalBlue.
Instead, Petya has a “stronger code than WannaCry and uses more vulgarities,” says Diaz. However, it is not expected to have more impact than this ransomware, but is more efficient.
The cybersexues asked in return for the recovery of their systems a rescue of 300 dollars in bitcoins and sending an email to an account. This email was closed hours after the attack began, so there will be no more payments to the cyber-enrollers.
About 30 transfers have been made to the kidnappers to release equipment valued at more than $ 7,600, although the identity of those who have made the payment is unknown.