Over the past few years, one of the most prevalent types of malware has been ransomware - an infection that automatically locks down your sensitive data, and then makes you buy it back with your hard-earned cash. In May, one of the hardest-hitting ransomware strikes occurred, via the appropriately named WannaCry. Now, that's "old" news; today, the major threat is Petya, another piece of ransomware. Or is it?
That's the big question. As we covered a couple of times this week, Petya is designated as ransomware that seems to be mostly striking computers in Europe. If infected, the user is told to send $300 worth of Bitcoin to a specific address to receive a key. The fee, all things considered, is modest as far as these things go, but it's modest enough to make it all the more infuriating, as many suffering from this ransomware will be hugely compelled to pay it (there have been reports of 45 transactions made so far).
Now researchers are starting to believe that Petya wasn't conceived to make the attacker rich, even though it features the capability to do so, due to "aggressive" features that make it impossible to receive a key. Ultimately, some believe the malware was created just to garner media interest. And well, it sure reached that goal.
Considering the fact that there is a Bitcoin address provided, it stands to reason that someone is going to benefit from this ransomware, but it won't be the user, considering it's beginning to look like they'd never receive their key. Due to this design, some researchers are considering it to be a "wiper" - malware with the goal of data destruction. That's an even worse designation, because there's at least hope of data recovery with typical ransomware.
The more these attacks happen, the more it is becoming clear that our backup schemes need to be rock-solid. That's important for the regular user and it's extremely vital for a corporation. Yet, corporations continue to get bit by ransomware. It's no wonder why the likes of Microsoft, and chipmakers like Intel and AMD, are pushing the security focus harder than ever with their respective products. Data protection is of paramount importance, and some are proving too slow to clue in.