Organizations in the US and Europe have been left crippled by the latest ransomware attack known as Petya. Similar to the Wannacry attack that struck a few days ago, Petya ransomware attack is believed to be exploiting the same EternalBlue exploit that was used by Wannacry attack. The cyberattack has affected a lot many organizations, including banking institutions, airlines and hospitals. Petya ransomware follows WannaCry’s pattern – it locks up a computer’s files and demands $300 bitcoins as rewards to unlock the data. Worse, all the data on the computer gets encrypted. Fortunately, a fix has been discovered. Read on to find out the fix!
Petya Ransomware attack: Here’s a simple fix
Several security researchers the world over have been trying to find the killswitch for the deadly Petya ransomware attack. According to reports, a vaccine – not a killswitch – has been found for Petya, which has now been classified as “NotPetya” by Kaspersky after it confirmed that it’s not a variant of the older Petya ransomware that was seen before.
Amit Serper, a security researcher, has found a way to prevent Petya (NotPetya). Serper has discovered that when the ransomware finds a local file on the disk, it ceases its encryption routine. Several security researchers have confirmed this finding. The solution involves creating a file called perfc in Windows folder.
Follow these simple steps to make your computer immune against Petya (NotPetya) virus –
- Open Folder Options. Uncheck Hide extensions for known file types option.
- Head to C:\Windows. Select notepad.exe. Press Ctrl+C and Ctrl+V (copy and paste).
- After completing step 2, you will see that a new file by name notepad – copy.exe gets created.
- Rename notepad – copy.exe as perfc and hit Enter.
- When prompted to confirm, choose Yes.
- Next, this file has to be made read-only. To do so, right-click on the file and select Properties.
- Check the Read-only option in the properties window.
- Click on Apply. Select OK.
Following these steps will protect you against Petya ransomware attack. But this isn’t a global solution – it works only on the computer on which it’s applied.