
Two Ransomwares Bundled - Petya and Mischa

Petya has recently become known as a dangerous ransomware sample that, in addition to encrypting files and demanding Bitcoins to release them, tampers with the boot process. As a result, victims find it harder to operate their PCs at all, which increases the pressure on them to pay the ransom.

For Petya to work, the user must first allow the malware to gain admin privileges through the UAC security prompt. If the user denies that privilege, no infection takes place. Petya's creators have found a way around this, however: when Petya is denied the privilege, they serve a different, new ransomware instead.

Specifically, the Petya developers have solved the problem that the ransomware cannot work without the admin rights it needs to target the MFT (Master File Table). Petya now has a new installer which, if not given admin rights, loads another ransomware strain called Mischa instead, Threatpost.com reported online on May 13, 2016.

Mischa starts by encrypting the victim's data folders straight away, something that requires no special privileges.

The operator of both malicious programs, who uses the Twitter ID @Janussec, is currently building a service through which other cyber criminals can hire his ransomware.

These other cyber criminals would only need to distribute the malicious program. Once users' computers are infected and the victims pay the ransom, the money is divided between the distributors and Janussec according to a pre-arranged payment plan. The more victims a distributor infects, the more money that distributor retains.

At present the service is closed because it is in a beta-testing stage, in which only a few criminals are admitted to the platform, which is hosted on the Dark Web and named Janus Cyber-crime.

And while ransomware already damages a large number of file extensions, making an end user's computer inoperable, Mischa goes further by also encrypting files with the .exe extension, taking away the end user's ability to run executables.

» SPAMfighter News - 5/19/2016
