Windows Virus

Petya is believed to be behind the massive ransomware attack that affected companies and organizations across the world in late June 2017. The most affected country in that attack was Ukraine, with the Kiev metro, the Ukrainian National Bank and several airports as some of its highest profile targets. Many multinational companies also reported being affected, such as Nivea, Maersk, WPP or Mondelez.

At this point in time, nobody really knows for sure. Companies and institutions all over the world — Russia, the United Kingdom, India, etc— have been affected, and right now it’s not possible to pinpoint Petya’s exact geographical origin.

When the victim clicks on the malicious .exe file they received as part of their download, the first clue that something is not right comes in the form of a Windows ‘blue screen of death’. Petya has started encrypting the master table file and will now display a warning screen — often a skull projected onto a red background — and a message demanding payment in bitcoins in exchange for returning access to the victim’s PC.

WannaCry, originally named as WanaCrypt, having aliases of Wana Crypt0r and Wana Decrypt0r, is a ransomware wormon Microsoft Windows (can be run on Linux via WINE) that uses two NSA-leaked tools that has wreaked havoc in airports, banks, universities, hospitals and many other facilities. It has spread to some 150 countries worldwide, mainly Russia, Ukraine, and India. It is not decryptable as it uses RSA-2048; thus, the only way to retrieve files is by backup or directly paying with Bitcoin equivalent to $300 USD. Required payment increases to the Bitcoin equivalent of $600 USD after 72 hours since the initial infection of the PC. 7 days after the victim's infection, the malware will start deleting the computer's files.

There seems to be another ransomware that some may refer to as the "successor of WannaCry", EternalRocks.