Second global ransomware outbreak has begun

Archive
1

https://a.msn.com/r/2/BBDm8Eo?m=en-us

 

2
F 4 E:

Bleeping Computer has a batch file fix here.  https://download.bleepingcomputer.com/bats/nopetyavac.bat

Just an FYI that the contents of this batch file are described in the bleepingcomputer article Vaccine, not Killswitch, Found for Petya (NotPetya) Ransomware Outbreak.  According to that article the batch file simply creates a copy of notepad.exe in the C:\Windows folder, renames it perfc (with no file extension) and makes it read only.

Instructions are provided in that article if you prefer to manually create the perfc file yourself.
------------
32-bit Vista Home Premium SP2 * Firefox ESR v52.2.0 * NS Premium v22.9.4.8 * MB v3.1.2

3

Bleeping Computer has a batch file fix here.

https://download.bleepingcomputer.com/bats/nopetyavac.bat

4

There are early indications that this Petya/Petrwrap ransomware uses the same SMBv1 EternalBlue exploit used in last month's WannaCry ransomware attack. If that proves to be true then Vista SP2 and higher users should already be protected as long as they installed the SMBv1 security update listed in MS17-010 (Security Update for Microsoft Windows SMB Server: March 14, 2017) during their March 2017 Patch Tuesday updates.  Norton also provides an additional layer of protection against the ExternalBlue exploit - see the Symantec blog entry What you need to know about the WannaCry Ransomware.

Unsupported Win XP SP3 and Vista SP2 users can download patches for ExternalBlue and three other Shadow Brokers exploits (EnglishmanDentist, EsteemAudit, and ExplodingCan) from links in the Microsoft Security Advisory 4025685: Guidance for Older Platforms: June 13, 2017See my post Additional NSA-leaked Exploits Patched June 2017 for Older Operating Systems in the Norton Tech Outpost for further details.

EDIT:

Symantec has confirmed that Petya/Petrwrap ransomware uses the EternalBlue exploit and that SEP/Norton SONAR should detect this latest ransomware as Ransom.Petya - see Symantec's Petya ransomware outbreak: Here’s what you need to know.
------------
32-bit Vista Home Premium SP2 * Firefox ESR v52.2.0 * NS Premium v22.9.4.8 * MB v3.1.2

5

See also Permalink  I posted on the Security News thread earlier.