Petya malware: Data destroyer not money-maker?

Researchers suspect that Petya malware, which has affected 64 countries, was designed to destroy data, not to make money.

According to the BBC, although a ransomware has to be paid, Petya deliberately overwrites computer files rather than encrypting them.

The programme requests victims to unlock files it scrambled on vulnerable machines; however, experts have witnessed “aggressive” features of the malware that destroys files and data, making it unrecoverable.

Russia has been blamed for starting the attack, according to a Ukrainian spokesman. “It’s difficult to imagine anyone else would want to do this,” said Head of Ukraine’s Cyber Protection Centre.

“2016 Petya modifies the disk in a way where it can actually revert its changes, whereas, 2017 Petya does permanent and irreversible damages to the disk,” said Russian Security Firm Kaspersky Lab.

Kaspersky Lab also noted: “It appears it was designed as a wiper pretending to be a ransomware.”

Researchers found that the malware has no way to generate a usable key to decrypt data.

Written by Leah Alger

More
articles