The “NotPetya” virus attack, which spread to businesses around the world, may not have been a project aimed at financial gain through ransoms, an increasing number of cybersecurity experts estimate.
On the contrary, despite the demand for ransom to “unlock” the infected computers, this particular “ransomware” appears to have simply been aimed at destroying data, with experts pointing to its particularly “aggressive” features, which made it impossible to retrieve important data.
As the “BBC” reports, Matt Shuihe, of the security company “Comae”, described the software as a “wiper” instead of a clear “ransomware”. Its purpose is to destroy and cause damage, he wrote, adding that the extension of the “ransomware” was intended to provoke the interest of the media.
Although the “Petya” variant used this week bears superficial similarities to the original virus, it differs in terms of how it deliberately replaces important files instead of simply encrypting them.
Agon Ivanov and Orhan Mentof, of “Kaspersky Lab”, also agree. In addition, an experienced security researcher known as “The Grugq” also agreed that the way in which the ransom was paid was rather “poor”, which further reinforces suspicions that the target was not money, but data destruction.
It is noted that the malware-related “Bitcoin” account has received 45 payments from victims who have paid more than $10,000.
The email account through which the victims reported that they had paid the ransom was closed by the German “hosting” company, thus shutting down the only channel of communication with the “malware” creators.
As the “Guardian” reports, the idea of the “malware” aimed at destroying data rather than ransom is shared by Nicholas Weaver, a UC Berkeley academic, who told the security blog “Krebs on Security” that he believes it was:
“a deliberate, malicious, destructive Attack, or perhaps a test under the cover of a “ransomware””.
An official of the Ukrainian police (noted that the attack first appeared in Ukraine) told “Reuters” that the main purpose of the software is most likely to be the country’s computing infrastructure.
Ukrainian politicians rushed to blame Russia for hiding behind the attack, accusations that Kremlin spokesman has categorically rejected.
It is noted that many cyber-security experts estimate that the main purpose of the attack was to install new malicious software on computers of government agencies and companies in Ukraine, laying the groundwork for future sabotage.
(Συνολικές Επισκέψεις: / Total Visits: 10)
(Σημερινές Επισκέψεις: / Today's Visits: 1)