Another Massive Ransomware Attack Spreads Around the World

Be careful what you click on.

Petya

The Petya ransomware in actionDS-Tech/YouTube

Fight disinformation: Sign up for the free Mother Jones Daily newsletter and follow the news that matters.

A month after the WannaCry ransomware hobbled hundreds of thousands of computers around the world, another major ransomware attack is making its way across Europe, Russia, the United States, and elsewhereā€”locking the victims’ computers and demanding ransom payments.

“We are talking about a cyberattack,” Anders Rosendahl, a spokesman for A.P. Moller-Maersk, a massive Danish shipping company, told the Associated Press after the firm was hit by the malicious software. “It has affected all branches of our business, at home and abroad.” 

According to cybersecurity firm Symantec, the attack makes use of the “EternalBlue” exploit developed by the National Security Agency called to take advantage of a flaw in the Microsoft Windows operating system. (Microsoft recently released a patch intended to address this flaw.) That exploit made its way into the wild after a group calling itself The Shadow Brokers dumped what it said was a suite of NSA hacking tools on the internet in April. The Shadow Brokers first came on the scene in August 2016 when they claimed to have hacked a server containing a host of tools used by the Equation Group, a hacking group thought to be associated with the NSA.

Initial reports dubbed the attack “Petya,” a version of previously detected malware, but information security firm Kaspersky Lab said Tuesday’s attack was something “that has not been seen before,” according to Patrick O’Neill of Cyberscoop.

Whoever was behind Tuesday’s wave of ransomware apparently demanded $300 worth of Bitcoin to unlock the affected computers. “If you see this text, then your files are no longer accessible because they have been encrypted,” the attackers wrote in a message posted on a victim’s computer screens. “Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our decryption service.”

As of about 2 p.m. ET Tuesday, 24 payments had been made to the address listed by the hackers, totaling about $6,000.

Merck, a US-based pharmaceutical company, said Tuesday that its computer network was also damaged “as part of the global hack” and that the company was investigating the matter. DLA Piper, a US-based global law firm, had its phones and computers affected by the bug. The Chernobyl nuclear power plant also reportedly switched to manual radiation monitoring because of the attack. Rosneft, a massive Russian energy company, said it had been impacted, as well.

WE'LL BE BLUNT

It is astonishingly hard keeping a newsroom afloat these days, and we need to raise $253,000 in online donations quickly, by October 7.

The short of it: Last year, we had to cut $1 million from our budget so we could have any chance of breaking even by the time our fiscal year ended in June. And despite a huge rally from so many of you leading up to the deadline, we still came up a bit short on the whole. We canā€™t let that happen again. We have no wiggle room to begin with, and now we have a hole to dig out of.

Readers also told us to just give it to you straight when we need to ask for your support, and seeing how matter-of-factly explaining our inner workings, our challenges and finances, can bring more of you in has been a real silver lining. So our online membership lead, Brian, lays it all out for you in his personal, insider account (that literally puts his skin in the game!) of how urgent things are right now.

The upshot: Being able to rally $253,000 in donations over these next few weeks is vitally important simply because it is the number that keeps us right on track, helping make sure we don't end up with a bigger gap than can be filled again, helping us avoid any significant (and knowable) cash-flow crunches for now. We used to be more nonchalant about coming up short this time of year, thinking we can make it by the time June rolls around. Not anymore.

Because the in-depth journalism on underreported beats and unique perspectives on the daily news you turn to Mother Jones for is only possible because readers fund us. Corporations and powerful people with deep pockets will never sustain the type of journalism we exist to do. The only investors who wonā€™t let independent, investigative journalism down are the people who actually care about its futureā€”you.

And we need readers to show up for us big timeā€”again.

Getting just 10 percent of the people who care enough about our work to be reading this blurb to part with a few bucks would be utterly transformative for us, and that's very much what we need to keep charging hard in this financially uncertain, high-stakes year.

If you can right now, please support the journalism you get from Mother Jones with a donation at whatever amount works for you. And please do it now, before you move on to whatever you're about to do next and think maybe you'll get to it later, because every gift matters and we really need to see a strong response if we're going to raise the $253,000 we need in less than three weeks.

payment methods

WE'LL BE BLUNT

It is astonishingly hard keeping a newsroom afloat these days, and we need to raise $253,000 in online donations quickly, by October 7.

The short of it: Last year, we had to cut $1 million from our budget so we could have any chance of breaking even by the time our fiscal year ended in June. And despite a huge rally from so many of you leading up to the deadline, we still came up a bit short on the whole. We canā€™t let that happen again. We have no wiggle room to begin with, and now we have a hole to dig out of.

Readers also told us to just give it to you straight when we need to ask for your support, and seeing how matter-of-factly explaining our inner workings, our challenges and finances, can bring more of you in has been a real silver lining. So our online membership lead, Brian, lays it all out for you in his personal, insider account (that literally puts his skin in the game!) of how urgent things are right now.

The upshot: Being able to rally $253,000 in donations over these next few weeks is vitally important simply because it is the number that keeps us right on track, helping make sure we don't end up with a bigger gap than can be filled again, helping us avoid any significant (and knowable) cash-flow crunches for now. We used to be more nonchalant about coming up short this time of year, thinking we can make it by the time June rolls around. Not anymore.

Because the in-depth journalism on underreported beats and unique perspectives on the daily news you turn to Mother Jones for is only possible because readers fund us. Corporations and powerful people with deep pockets will never sustain the type of journalism we exist to do. The only investors who wonā€™t let independent, investigative journalism down are the people who actually care about its futureā€”you.

And we need readers to show up for us big timeā€”again.

Getting just 10 percent of the people who care enough about our work to be reading this blurb to part with a few bucks would be utterly transformative for us, and that's very much what we need to keep charging hard in this financially uncertain, high-stakes year.

If you can right now, please support the journalism you get from Mother Jones with a donation at whatever amount works for you. And please do it now, before you move on to whatever you're about to do next and think maybe you'll get to it later, because every gift matters and we really need to see a strong response if we're going to raise the $253,000 we need in less than three weeks.

payment methods

We Recommend

Latest

Sign up for our free newsletter

Subscribe to the Mother Jones Daily to have our top stories delivered directly to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate