TZ-CERT is aware of the number of published reports regarding a computer malicious software named Petya Ransomware that has affected several computers around the world.
Ransomware is a type of malicious software family that infects and prevents users from accessing their files or systems, either by locking the system’s screen or by encrypting the user’s files unless a certain amount of money is paid. Paying a ransom does not guarantee access to be restored thus users organizations are discourage from paying the ransom.
The reports show that Petya Ransomware is infecting Windows based computers that have outdated and unpatched software and specifically with a Microsoft Server Message Block 1.0 (SMBv1) vulnerability by encrypting the master boot records.
The patch for this vulnerability was released by Microsoft earlier this year and users of Microsoft computers can secure their computers by installing the security patch.