It’s kind of ironic that the original hackers who created and perfected their own malware had it stolen out from their noses (figuratively speaking) before they could profit from the latest and best upgrade.
Hackers managed to steal a piece of ransomware called Petya and bypassed the original creators’ encryption key and they have attacked selected companies. This malware is known for overwriting a PC’s master boot record, according to PC World.
A computer Trojan called PetrWrap has been used in cyber-attacks on enterprise networks, installing Petya which then rewrites the encryption codes of the original, so only the hackers themselves can restore the internal damage.
Then PetrWrap erases all evidence off the Petya breach from the ransom message.
Petya’s encrypting files compromise a hard drives master boot codes and the drive’s master file table (MFT). This table contains specific coding that allows the operating system to locate other content files on the hard drive. With the MFT corrupted, the system cannot locate and read the other files. As a result, when the infected computer is booted, the user will only see the hackers ransom note displayed.
The hackers that stole Petya managed to get version 3.0 which is the new and improved upgrade which has no exploitable flaws. This Petya allows the hackers to steal important executive data.
While the corrupted files within the victimized computer cannot be repaired, the vast bulk of content can be saved by data recovery tools.
