A new type of Bitcoin ransomware is making the rounds, albeit this version is doing something different entirely. Or to be more precise, Petya Bitcoin ransomware will block access to the entire hard drive, rather than target specific files or directories. This type of malware seems to be mainly infecting computers in the Benelux, although other parts of the world are not safe from harm either.
Also read: Ledger Blue Gets Nod of Approval From French Minister of Economy Petya Bitcoin Ransomware Is Here
One would come to expect it becomes much harder to distribute Bitcoin ransomware through traditional means, as most consumers and enterprises should be well aware of emails with suspicious attachments by now. But that does not seem to be the case, as this malware campaign is directly aimed at companies and job centers.
Rather than sending out an email with a dodgy Excel file, Petya Bitcoin ransomware is spreading through a job application email. In the email text is a dropbox link, which will download an executable file once a user clicks on it. Although no one should run executable files they do not know or trust, those who do will be greeted with a blue screen of death.
Rebooting the computer will happen automatically, which is where Petya wills tart to do its nasty work. By taking control of the Master Boot Record, the Bitcoin ransomware is showing messages of how the filesystem is being checked and repaired. However, there is no system check taking place, but instead, files are made inaccessible.
This is where Petya differentiates itself from other types of Bitcoin ransomware, as the malware will block file access although it remains unknown whether or not anything is encrypted at all. Similar to other types of Bitcoin ransomware, owners of infected computers will […]
