A recent ransomware attack has been affecting lots of businesses throughout Europe in what seems to be an infection similar to the WannaCry attack, which took place last month. The most affected ones are the businesses in Ukraine, where we could see systems affected at the central bank, municipal metro, state telecom and even at the Boryspil Airport in Kiev, the capital city. The Ukrenego power supplier also confessed to have compromised systems, despite the fact that there was no damage for the power supply.
A Worrying Event
The attack was even reported to have hit the Chernobyl nuclear power plant, so that they had to switch to manual radiation monitoring. Some isolated infections were also reported at ATMs or point-of-sale terminals.
However, the virus also spread internationally. Maersk, a Danish shipping company, also reported various systems down on various of their websites. The virus affected Rosneft too, a Russian oil company, even though for the moment there is no assessment of the damage. The United States did not escape the virus either, with a pharmaceutical company (Merck), a hospital in the Pittsburgh area and a law firm (DLA Piper) affected.
There are growing concerns worldwide about the ransomware, which was initially believed to be a version of the Petya one. However, it was later discovered that it has nothing to do with Petya, being a virus that hasn’t been seen until now.
Kaspersky reported that a minimum number of 2,000 users were attacked up until this afternoon. Two different firms have also noted that the ransomware uses the EternalBlue exploit, which is the same used by the WannaCry. This allows it to spread quickly between the infected systems. Microsoft tried to patch the vulnerability as quickly as possible, but there are still millions of systems that are put at risk.