NotPetya and not just Petya: NSA the US National Security Agency, started using a hacking tool called EternalBlue five years ago. During this time, the agency breached the networks, using a flaw it should have immediately disclosed to the Microsoft.
The NSA finally revealed to Microsoft the vulnerability earlier this year, but only after the exploits were stolen and then made available online. Microsoft immediately released a "critical" patch (in March), and WannaCry launched in May. A ransomware that used EternalBlue to infiltrate Windows computers. This malware has infected over 230.000 computers in more than 150 countries.
Yesterday we met NotPetya.
NotPetya is similar to Petya ransomware, but it belongs to its own classification, according to security researchers. Both used EternalBlue exploit, but their similarities did not stop there.
NotPetya is a completely new form of ransomware that is used since yesterday to invade from the system detectionof Chernobyl radiation, in the Kiev subway, in banks and at least one US hospital.
Η Kaspersky claims that at least 2.000 businesses and institutions around the world have been affected in the last 24 hours.
- Kaspersky (@kaspersky) June 27, 2017
And WannaCry, it was devastating, but it was an impossible tool full errorthose created by amateurs.
NotPetya, according to experts, is not an amateur tool.
“Αυτό είναι μεγάλο. Πραγματικά μεγάλο,” δήλωσε στο Forbes ο πρώην αναλυτής της NSA David Kennedy.
The bad news is that it can infect any version of Windows, including Windows 10. It can even infect patched systems if there is a patched PC on the network.
The failure of the NSA and the CIA to keep the tools in their hands gave a very good lesson to everyone who criticized Snowden. Snowden had warned that this could happen.
Collecting information from agencies can cause global damage.
Let's not forget that NotPetya has just started….