Security researchers have discovered a digital vaccine to protect against the Petya ransomware which hit more than 12,000 machines running on Microsoft Windows-based networks in 64 countries on Tuesday. The creation of a single file can stop the attack from infecting a machine.
Petya sparked mass disruption after it emerged. Ukraine and Russia appeared hardest hit by the new strain of ransomware — malicious software that locks up computer files and hard drive with all-but-unbreakable encryption and then demands a ransom of $ 300 in bitcoins for its release. However, given the low ransom amount, experts say the payment demands do not work, and that the virus is primarily focused on destroying data, causing wider disruption or making a political statement. Experts are still unsure about the attack’s origins or its real purpose.
In the U.S., the malware affected companies such as the drugmaker Merck and Mondelez International, the owner of food brands such as Oreo and Nabisco.
Security expert Brian O’Higgins says the virus is a “disaster” for corporate networks. “If it gets in, it spreads everywhere,” he told CTV News Channel on Wednesday. “This is just designed to spread as fast as it can and do as much damage (as possible).”
The experts, however, have said that the vaccine must be applied to each computer individually and will not kill the bug altogether.
Cybereason security researcher Amit Serper found a way to prevent the ransomware affecting computers which note that other experts agreed with his findings. Users can create a read-only file called ‘perfc’ in their C:/Windows folder to ‘vaccinate’ their computers and stop Petya. The procedure is fairly simple for IT professionals or computer-savvy individuals to follow.
The researchers have not been able to find a so-called kill switch that would prevent the crippling ransomware from spreading to other vulnerable computers.