You should know the differences between these two malware campaigns.

A new wave of cyber attacks has hit computers and enterprise servers. After the massive WannaCry attack, which impacted over 300,000 computers globally, the new ransomware is Petya, which has hit chiefly Ukraine and Russia, spread elsewhere in Europe, and hit some big firms in the US, besides shutting down operations in Mumbai’s Jawaharlal Nehru Port Trust.

Is Petya the same as WannaCry?

Petya ransomware has been around since 2016, and so far researchers don’t think it is the same as WannaCry. However, the latest attack and that by WannaCry exploited the same vulnerability in Windows systems, known as EternalBlue. Ransomware essentially locks a user out of his or her computer, and asks for a certain amount to be paid. The ransom is usually demanded in Bitcoins before the user can decrypt the hijacked data. Experts say Petya locks the ‘Master Boot Records’ in Windows, which in the words of Microsoft is “the most important data structure on the disk” — it contains all the information on disk partitions as well as the code that allows the operating system to be loaded/booted onto the PC’s memory.
According to security research firm Kasperksy, the newest ransomware could be a variant of Petya.A, Petya.D, or PetrWrap seen earlier, though not on this scale. The firm doesn’t think this is a variation of WannaCry.

So, what is the latest attack doing?

Petya is more advanced ransomware, and researchers are convinced it has no kill switch. Like WannaCry, it locks up a computer’s files and demands $300 in Bitcoins as ransom. All data on a computer gets encrypted, and researchers say there is no way to decrypt it. Once it infects the computer, it will wait for an hour or so, and then reboot the system. After that, the files are encrypted and the user sees a ransom note. Users are also warned against switching off during rebooting. “If you see this text, then your files are no longer accessible, because they are encrypted. Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our decryption service.”

source :http://indianexpress.com/article/technology/tech-news-technology/petya-ransomware-cyber-attack-not-wannacry-same-lock-and-demand-tactic-4726781/