What is Petya ransomware?
Petya ransomware is a malware that was created in 2006. Last year, it was modified, and the new variant was used in the wave of attacks that occurred in 2017.It locks users' PC and encrypts files. The hackers behind the attacks ask for ransom in bitcoin to decrypt users' files.
The attacks listed listed below were just some of the major Petya attacks that happened in the spring of 2017:
- Russia's oil company
- major Ukrainian banks (including the Central bank) and companies
- the airport in Kiev
- British advertising agency
- U.S. pharmaceutical company Merck
- Cadbury chocolate plant in Australia
- a major shipping firm in Netherlands
How does it work?
It can infect your PC in more ways than WannaCry or any other ransomware. It is very different from the common ransomware.It installs itself to start before Windows, causes a BSOD in Windows, and after Windows restarts, it mimics a file repair, but in reality, it encrypts the MFT(Master File Table).This type of threat will be harder to overcome.This is a cyber attack meant to sabotage and destroy users' PC.
What is so special about Petya?
Experts claim that Petya is not a traditional ransomware. It is more dangerous than WannaCry because it is a specific type of ransomware.Attackers ask for ransom in Bitcoin making you believe that your files will be decrypted.But this time, it not the case. Petya's source code revealed that it is impossible to recover and decrypt files once infected.
Will I get my data back if I pay the ransom?
There is a possibility of paying the ransom to the hackers. But there's no guarantee it will work, because cybercriminals aren't exactly the most trustworthy group of people. Also, paying the ransom may encourage these bad guys to continue and even expand their operations.We strongly suggest that you do not send any money to these cyber criminals, and instead address to the law enforcement agency in your country to report this attack.
How to prevent Petya ransomware from infecting my PC?
To prevent Petya or any other type of malware from infecting your PC, it is crucial to have an antivirus software installed on your PC as a basic protection together with an antimalware protection that will serve as an additional layer of protection.Also, you need to have backup for your personal documents.
Unfortunately, once your PC has been infected and your data encrypted, you cannot recover them. Antivirus and antimalware software can only remove the infection from your PC or they can block it / prevent it from infecting your PC if you were wise enough to have them installed on time.However, they cannot recover your encrypted files. Therefore, it is highly important to protect your files on time.
If you are using Zemana AntiMalware premium version (which comes with 15-days free trial), it will protect you by blocking the Petya ransomware on time.This way, it will prevent it from infecting your PC.
However, if you decide to continue using the Trial and do not wish to purchase the Premium subscription at the end of the trial, your Zemana AntiMalware program will disable premium features. All other(basic) features will remain unchanged.This means that you will no longer be protected from Petya, but you will still be able to scan your PC with Zemana AntiMalware, which will detect Petya and block it.
Therefore, the best prevention against Petya virus is installing the right protection solution even before you get infected.
Zemana AntiMalware as a Petya removal tool
According to MRG Effitas, Zemana AntiMalware has proved to be the best anti-ransomware software on the market and the most efficient in blocking Petya on your PC:
If you are looking for a solution that will help you in removing Petya, it is important to note that Zemana AntiMalware is compatible with any antivirus software that you might have on your PC and will run alongside it without any conflicts.
Below you can find a guide on how to detect and remove this ransomware with Zemana AntiMalware.
- STEP 1: Download Zemana AntiMalware here.
- STEP 2: Once download, install the software on your PC. You can do this by double-clicking on ZAM program icon on your desktop or in your download files.
- STEP 3: Press the "Scan" button.
- STEP 4: When the scan is complete, click "Next".
- STEP 5: Restart your computer if you are prompted to do so.