
New Petya is not ransomware; it is not designed to make money

The new Petya variant (New Petya, 2017) is a wiper, not ransomware. So what is the difference between a wiper and ransomware?

The goal of a wiper is to destroy and damage. The goal of ransomware is to make money. Different intent, different motive. Ransomware has the ability to reverse its modifications (restoring the MBR, as in the 2016 Petya, or decrypting files if the victim pays); a wiper simply destroys and rules out any possibility of restoration. This time the motive is not to extort: the code was built only to destroy.

(Petya vs New Petya Code Difference)

After comparing the earlier and current versions of Petya, researchers noticed that the current implementation, which massively infected multiple entities in Ukraine, was in fact a wiper that simply trashed the first 25 sector blocks of the disk. That means the 24 sector blocks following the first sector block are purposely overwritten; they are not read or saved anywhere. The original 2016 Petya, by contrast, correctly reads each sector block and reversibly encodes it. 2016 Petya modifies the disk in a way that lets it revert its changes, whereas 2017 Petya does permanent and irreversible damage to the disk.

The promise to decrypt once money reaches the bitcoin address is just a screen message. If this well-engineered and highly crafted malware was meant to generate revenue, then this communication pipeline was possibly the worst of all options: Posteo quickly closed the hackers' account and warned victims not to pay money to the bitcoin address.
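A forensic triage check for the distinction described above, added here as an example and not taken from the original post or from any malware sample: it compares a known-good copy of the first 25 sectors with the post-incident copy and labels each sector as unchanged, reversibly encoded, or overwritten. The 512-byte sector size, the single-byte XOR test standing in for "reversibly encoded", and all sample data are assumptions constructed for illustration.

```python
import hashlib
from collections import Counter

SECTOR = 512   # assumed sector size in bytes
REGION = 25    # the first 25 sector blocks discussed above

def classify_sector(before: bytes, after: bytes) -> str:
    """Label one sector by comparing a known-good copy with the current one."""
    if before == after:
        return "unchanged"
    # A single-byte XOR encoding leaves the same difference at every offset,
    # so the original bytes are still present on disk in encoded form.
    if len({b ^ a for b, a in zip(before, after)}) == 1:
        return "xor-encoded"
    # Anything else: the original content was replaced, not transformed.
    return "overwritten"

def triage(backup: bytes, image: bytes) -> dict:
    """Classify the first REGION sectors and state what a restore would need."""
    if min(len(backup), len(image)) < REGION * SECTOR:
        raise ValueError("need at least 25 full sectors from both sources")
    labels = []
    for n in range(REGION):
        lo, hi = n * SECTOR, (n + 1) * SECTOR
        labels.append(classify_sector(backup[lo:hi], image[lo:hi]))
    counts = Counter(labels)
    if counts["overwritten"]:
        verdict = "content gone; backup needed"
    elif counts["xor-encoded"]:
        verdict = "content still on disk (encoded)"
    else:
        verdict = "no change"
    return {"labels": labels, "counts": dict(counts), "verdict": verdict}

# Constructed sample data (not taken from any real disk or sample).
GOOD = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(400))
ENCODED = bytes(b ^ 0x5A for b in GOOD)   # constructed XOR key
WIPED = bytes(REGION * SECTOR)            # constructed filler bytes

if __name__ == "__main__":
    for name, image in (("encoded", ENCODED), ("wiped", WIPED)):
        result = triage(GOOD, image)
        print(name, result["counts"], "->", result["verdict"])
```
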
