Ransomware Strikes Again; Over 2000 Businesses Across E.Europe, Russia, Ukraine Severely Affected, India Relatively Safe
Analysts say this new ransomware is more powerful than WannaCry and is tough to crack. Code-named ‘GoldenEye’, it belongs to the Petya family, which was unleashed in 2006.
However, this new ransomware is purely based on EternalBlue, the NSA exploit that WannaCry used last month to wreak havoc all over the world.
The hackers have patched all the weak points of WannaCry in this new ransomware, which has been designed to unleash more chaos and more trouble.
The modus operandi is almost the same: the screen of the infected computer freezes and a message demands a ransom in bitcoins in order to release the files.
In the case of WannaCry, a kill switch accidentally discovered by a British security researcher crushed its outbreak. With the new ransomware from the Petya family, researchers have not been able to locate any weak spot or vulnerability that can stop its outbreak.
List of Companies Affected By GoldenEye
- Rosneft, Russia’s top oil producer, has said that its IT network is partially affected by the new ransomware, but has confirmed that its oil production capability hasn’t been affected.
- Russian Banks: Almost every major Russian bank is now closed due to the attack.
- AP Moller-Maersk is a Danish shipping major that handles one out of 7 shipping containers shipped worldwide. The ransomware attack has crippled their transportation routes, and as per Dutch broadcaster RTV Rijnmond, their 17 shipping container terminals have been hacked, including two in Rotterdam and 15 in other parts of the world.
- WPP, the world’s largest advertisement agency, has announced that their computer systems have been hacked.
- Ukrainian International Airport has been hit, but operations are still running. Some flights have been disrupted.
- The Ukrainian state power grid was briefly suspended, as their IT network was paralysed by the ransomware.
- The Ukrainian power grid has been hit too.
- Saint-Gobain, the French construction materials company, has announced that they have isolated a few computer systems due to the attack.
- The most serious issue has been with the Chernobyl nuclear power plant in Ukraine. Due to the ransomware attack, officials had to monitor radiation levels manually after their Windows-powered sensors went down.
- Some other companies severely impacted by the new ransomware include pharmaceutical company Merck & Co, German postal and logistics company Deutsche Post, Germany’s retail chain Metro, food company Mondelez International, Netherlands-based shipping company TNT Express, Russian steelmaker Evraz, and a unit of candy manufacturer Mars Inc.
In India, there have been three reported instances as of now:
- Indian employees of Beiersdorf AG, maker of Nivea skin care products, said that some computer systems in India have been infected.
- Indian units of Reckitt Benckiser Group Plc, which owns brands such as Enfamil, Dettol and Lysol, have been infected.
- One of the terminals at Jawaharlal Nehru Port Trust (JNPT) has been infected. As per some officials, this infection mainly happened because a computer system owned by AP Moller-Maersk was infected.
More details are awaited.