Views:
3,586β
Votes: 4β
β
Solution
Tags:
wine
security
malware
Link:
π See Original Question on Ask Ubuntu β§ π
URL:
https://askubuntu.com/q/930083
Title:
How can the Petya Ransomware virus affect Linux users?
ID:
/2017/06/28/How-can-the-Petya-Ransomware-virus-affect-Linux-users_
Created:
June 28, 2017
Edited: June 29, 2017
Upload:
April 8, 2024
Layout: post
TOC:
false
Navigation: false
Copy to clipboard: false
Within the last 48 hours weβve been informed of the Petya ransomware similar to the βWanna Cryβ ransomware. Both ransomware packages encrypt your data and demand $300 to unlock your data. However in the Petya case Germany has closed down the email address to respond to so you canβt pay even if you wanted to.
Unlike βWanna Cryβ which had a global kill-switch that was turned on within 72 hours by accident, βPetyaβ requires you to create a local file in order to stop your data getting encrypted however you are still infected and can pass the ransomware onto other systems.
I read in the story βPetyaβ ransomware may be smokescreen for potentially larger attack you need to create the file C:\Windows\perfc and flag it as read-only to protect your system. This would include Linux users using wine I presume. However:
-
in the comment section a user posted the file name must be
C:\Windows\perfc.exe. -
in Ransomware Vaccine Now Available they say the file name must be
C:\Windows\perfc.dll.
Can anyone confirm Linux Wine users are potential victims and what the actual read-only file name must be?