Hackers made less than R26 000 off Petya global cyber attack

Johannesburg - Hackers made less than R26 000 off the massive Petya malware attack which has affected computers globally - including thousands in South Africa - since Tuesday night.

Carey van Vlaanderen, CEO of ESET Southern Africa, told Fin24 that the financial gain was significantly lower during the Petya Attack, compared to the recent WannaCry virus. 

“The impact of the Petya virus was not nearly as serious as WannaCry. However, it spread in similar situations to the recent attack,” she said.  

Despite the financial gain of around $2 000 by the hackers responsible for the Petya attack, Van Vlaanderen said that the virus incurred serious monetary costs for companies. 

READ: Up to million computers hit in biggest cyber attack ever

“The Petya attack spread very similarly to how the WannaCry virus did, with Windows machines around the world vulnerable to the virus,” said Van Vlaanderen.

The virus originated in Ukraine, with ‘patient zero’ seeing 75.24% of the spread, followed by 9.06% in Germany and 5.81% in Poland. 

South Africa saw thousands of infections but featured far down the list, suffering only 0.03% of the total attack. 

ESET researchers have located the point from which this global epidemic started. 

Attackers have successfully compromised the accounting software M.E.Doc, popular across various industries in Ukraine, including financial institutions. 

Several of them executed a trojanised update of M.E.Doc, which allowed attackers to launch the massive ransomware campaign which spread across the whole country and to the whole world. 

READ: Here's how to protect yourself against WannaCry and other malware

Numerous reports are coming out on social media about a new ransomware attack in Ukraine which could be related to the Petya family, currently detected by ESET as Win32/Diskcoder.C Trojan. 

It appears to be using a combination of the SMB exploit (EternalBlue) used by WannaCryptor for getting inside the network, then spreading through PsExec for spreading within the network.

ESET said this dangerous combination may be the reason why this outbreak has spread globally and rapidly, even after the previous outbreaks have generated media headlines and most vulnerabilities have hopefully been patched. 

The WannaCry virus which surfaced in May was seen as the biggest attack of 2017, with between 400 000 and 1 million devices affected globally.

Read Fin24's top stories trending on Twitter:

ZAR/USD
16.88
(-0.38)
ZAR/GBP
21.25
(-0.25)
ZAR/EUR
19.05
(-0.33)
ZAR/AUD
11.72
(-0.12)
ZAR/JPY
0.16
(-0.80)
Gold
1804.89
(+0.07)
Silver
18.64
(-0.06)
Platinum
841.31
(+0.92)
Brent Crude
42.31
(-2.17)
Palladium
1942.50
(-0.59)
All Share
55571.82
(-0.39)
Top 40
51299.15
(-0.46)
Financial 15
10405.16
(+0.63)
Industrial 25
76547.07
(-1.14)
Resource 10
52643.52
(+0.11)
All JSE data delayed by at least 15 minutes morningstar logo
Company Snapshot
Voting Booth
Please select an option Oops! Something went wrong, please try again later.
Results
I'm not really directly affected
18% - 1890 votes
I am taking a hit, but should be able to recover in the next year
23% - 2490 votes
My finances have been devastated
35% - 3705 votes
It's still too early to know what the full effect will be
25% - 2651 votes
Vote