Hackers made less than R26 000 off Petya global cyber attack


Johannesburg - Hackers made less than R26 000 off the massive Petya malware attack which has affected computers globally - including thousands in South Africa - since Tuesday night.

Carey van Vlaanderen, CEO of ESET Southern Africa, told Fin24 that the financial gain was significantly lower during the Petya Attack, compared to the recent WannaCry virus. 

“The impact of the Petya virus was not nearly as serious as WannaCry. However, it spread in similar situations to the recent attack,” she said.  

Despite the financial gain of around $2 000 by the hackers responsible for the Petya attack, Van Vlaanderen said that the virus incurred serious monetary costs for companies. 

READ: Up to million computers hit in biggest cyber attack ever

“The Petya attack spread very similarly to how the WannaCry virus did, with Windows machines around the world vulnerable to the virus,” said Van Vlaanderen.

The virus originated in Ukraine, with ‘patient zero’ seeing 75.24% of the spread, followed by 9.06% in Germany and 5.81% in Poland. 

South Africa saw thousands of infections but featured far down the list, suffering only 0.03% of the total attack. 

ESET researchers have located the point from which this global epidemic started. 

Attackers have successfully compromised the accounting software M.E.Doc, popular across various industries in Ukraine, including financial institutions. 

Several of them executed a trojanised update of M.E.Doc, which allowed attackers to launch the massive ransomware campaign which spread across the whole country and to the whole world. 

READ: Here's how to protect yourself against WannaCry and other malware

Numerous reports are coming out on social media about a new ransomware attack in Ukraine which could be related to the Petya family, currently detected by ESET as Win32/Diskcoder.C Trojan. 

It appears to be using a combination of the SMB exploit (EternalBlue) used by WannaCryptor for getting inside the network, then spreading through PsExec for spreading within the network.

ESET said this dangerous combination may be the reason why this outbreak has spread globally and rapidly, even after the previous outbreaks have generated media headlines and most vulnerabilities have hopefully been patched. 

The WannaCry virus which surfaced in May was seen as the biggest attack of 2017, with between 400 000 and 1 million devices affected globally.

Read Fin24's top stories trending on Twitter:

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For 14 free days, you can have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today. Thereafter you will be billed R75 per month. You can cancel anytime and if you cancel within 14 days you won't be billed. 
Subscribe to News24
Rand - Dollar
Rand - Pound
Rand - Euro
Rand - Aus dollar
Rand - Yen
Brent Crude
Top 40
All Share
Resource 10
Industrial 25
Financial 15
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot
Government tenders

Find public sector tender opportunities in South Africa here.

Government tenders
This portal provides access to information on all tenders made by all public sector organisations in all spheres of government.
Browse tenders