GoldenEye makes you WannaCry

Barely seven weeks after a major cyberattack crippled computers all over the world, another crisis has hit major companies. Though this assault has some similarities to the earlier attack, it is in some ways deadlier.

Stronger encryption
Originally labelled Petya, this ransomware started circulating in 2016. While WannaCry’s many design flaws caused it to flame out after a few days, this latest ransomware threat doesn’t make the same mistakes, writes Wired’s security reporter Lily Hay Newman.

Researchers call this new ransomware “NotPetya” or “GoldenEye”; it has added refinements such as stronger encryption, Newman adds. “The quality of the code improves from iteration to iteration—this GoldenEye ransomware is pretty solid,” Wired quotes a security researcher as saying.

No kill switch here
When the WannaCry ransomware hit computers, a researcher accidentally hit a kill switch, thus slowing down the attack. But guess what? GoldenEye shows no signs of having such a pitfall—so far.

There are reports saying GoldenEye has infected fewer computers than WannaCry. But that’s not a weakness. Ransomware is malicious software designed to block access to a system until a sum is paid. As WannaCry affected many computers, the hackers behind the attack could not handle that volume of payments.

Its Achilles heel?
Similarly, GoldenEye’s weakness also lies in its payment. For GoldenEye, a victim has to send proof of payment to an email address, and then the attackers would send a decryption key. This manual payment might reduce the victim’s faith in paying a ransom.

And the hackers’ email provider, Posteo, pulled the plug on their account, making payment confirmation pretty much impossible. But the ransom is just $300, causing some to speculate the attack might be a political statement.

The New Indian Express
www.newindianexpress.com