What is Petya Ransomware? Same with WannaCry, which was just broke out on last May, Petya Ransomware is a variant that encrypts a system’s MBR in addition to encrypting files and spreading by using the EternalBlue vulnerability. Besides encrypting files, Petya still can finds passwords on the infected computer to move to other systems, according to former NSA analyst and cybersecurity entrepreneur David Kennedy. It does that by extracting passwords from memory or from the local file system.
How to Prevent Your Windows from Attacking?
Update System Patches Now
Microsoft released a patch earlier this year which prevented any EternalBlue hacks, even for Windows XP.back to menu ↑
Change Your System Passwords to Complex One
To prevent passwords being extracted easily by the Petya ransomware, complex password contains special characters might be safer than just “11111”.back to menu ↑
Close System Service to Prevent Attacking
WMI and SMBv1. Those two services might be easily attacked by this Petya ransomware, close the service may help you prevent the attack.back to menu ↑
Prevent MBR from Malicious Tampering and Encrypted
Most of Windows inflected Petya/GoldenEye Ransomware because of their hard disk MBR was encrypted or tampered, IObit MBR Guard is a simple filler for disk, it can prevent MBR from malicious tampering and encrypted.back to menu ↑
Install Anti-ransomware Tool
Anti-ransomware Tool can help users check and prevent the Petya ransomware attacking in real time. Also with its anti-ransomware engine, it will detects and stops malicious actions and prevent suspicious activity at all times.
What to do when your Windows was inflected?
The Petya Ransomware attacking will be taking effect after the system reboot. When you found system was inflected by getting a system warning to restart your system, then IMMEDIATELY shut down your windows, take your disk hardware out and send it to professionals to help you backup important data.