Ransomware has already become one of the easiest forms of online extortion for hackers to carry out, however there is one cybercriminal group that has come up with a new way to generate as much money as possible without putting in a lot of effort: stealing ransomware codes from other hackers.
The Petya ransomware family is one such particular group, that not only encrypts the victims’ files using one of the most advanced cryptographic algorithms, but also encrypts the entire hard drive by overwriting its master reboot record, which prevents the computer from loading the operating system at any point of time.
Currently, it’s unknown of who the group is distributing the encryption code called PetrWrap or how it’s being distributed. However, the very fact that it exists appears to disturb competition, with the potential that gangs will now get distracted by fighting for dominance in the underworld.
“We are now seeing that threat actors are starting to devour each other. From our perspective, this is a sign of growing competition between ransomware gangs,” claims Anton Ivanov, senior security researcher for Kaspersky Lab.
However, that doesn’t mean that you should take their eye of the ball when it comes to protecting against ransomware.
“Theoretically, this is good, because the more time criminal actors spend on fighting and fooling each other, the less organised they will be, and the less effective their malicious campaigns will be.”
“We urge organisations to pay as much attention as possible to the protection of their networks from this kind of threat, because the consequences can be really disastrous,” Ivanov added.
Indeed, getting infected with PetrWrap could be a negative point for a company because the cryptography of this ransomware is so strong that there currently are no decryption tools available.