Petya cryptoware to blame massive cyber-attack at companies in Ukraine, Russia - Group-IB experts
The Petya cryptoware is to blame for a huge cyber-attack at oil, telecom and financial companies in Russia and Ukraine, the press service of Group-IB involved in cyber security and cyber-attack protection has told Interfax.
"The virus is blocking computers and demanding a payment of $300 in Bitcoins. The attack was seen at around 14:00. The way of spreading in local networks is similar to the WannaCry ransomware," Group-IB said.
Kaspersky Laboratories told Interfax that this virus does not belong to previously identified malware groups. The company said that the majority of incidents have been concentrated in Russia and Ukraine although there are reports of infection in other countries.
Kaspersky Laboratories is currently conducting an investigation, the results of which will add additional information regarding how computers are infected and how the malware code operates.
Among the targets of the cyber-attack are Russian computer networks of Bashneft, Rosneft, Ukrainian companies Zaporizhiaoblenergo, Dniproenergo and Dniprovska Power Grid. Mondelez International, Oschadbank, Mars, Nova Poshta, Nivea, TESA and other companies have been hit by the attack, as well as Kyiv Metropoliten. Government's computers, Auchan stores, Ukrainian mobile communications operators PrivatBank have been affected by the virus, Group-IB said.
Kyivstar denied the information that the company has been allegedly hit by the virus.
"No computer of the company was affected," the press service of the operator said.
Group-IB established that recently the Cobalt Group used the Petya cryptoware to hide the tracks of the attack on financial institutions.