Hackers made less than R26 000 off Petya global cyber attack

accreditation

Johannesburg - Hackers made less than R26 000 off the massive Petya malware attack which has affected computers globally - including thousands in South Africa - since Tuesday night.

Carey van Vlaanderen, CEO of ESET Southern Africa, told Fin24 that the financial gain was significantly lower during the Petya Attack, compared to the recent WannaCry virus. 

“The impact of the Petya virus was not nearly as serious as WannaCry. However, it spread in similar situations to the recent attack,” she said.  

Despite the financial gain of around $2 000 by the hackers responsible for the Petya attack, Van Vlaanderen said that the virus incurred serious monetary costs for companies. 

READ: Up to million computers hit in biggest cyber attack ever

“The Petya attack spread very similarly to how the WannaCry virus did, with Windows machines around the world vulnerable to the virus,” said Van Vlaanderen.

The virus originated in Ukraine, with ‘patient zero’ seeing 75.24% of the spread, followed by 9.06% in Germany and 5.81% in Poland. 

South Africa saw thousands of infections but featured far down the list, suffering only 0.03% of the total attack. 

ESET researchers have located the point from which this global epidemic started. 

Attackers have successfully compromised the accounting software M.E.Doc, popular across various industries in Ukraine, including financial institutions. 

Several of them executed a trojanised update of M.E.Doc, which allowed attackers to launch the massive ransomware campaign which spread across the whole country and to the whole world. 

READ: Here's how to protect yourself against WannaCry and other malware

Numerous reports are coming out on social media about a new ransomware attack in Ukraine which could be related to the Petya family, currently detected by ESET as Win32/Diskcoder.C Trojan. 

It appears to be using a combination of the SMB exploit (EternalBlue) used by WannaCryptor for getting inside the network, then spreading through PsExec for spreading within the network.

ESET said this dangerous combination may be the reason why this outbreak has spread globally and rapidly, even after the previous outbreaks have generated media headlines and most vulnerabilities have hopefully been patched. 

The WannaCry virus which surfaced in May was seen as the biggest attack of 2017, with between 400 000 and 1 million devices affected globally.

Read Fin24's top stories trending on Twitter:

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For only R75 per month, you have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today.
Subscribe to News24
Rand - Dollar
14.92
-1.1%
Rand - Pound
20.40
+0.2%
Rand - Euro
17.48
+0.3%
Rand - Aus dollar
10.83
+0.2%
Rand - Yen
0.13
+0.2%
Gold
1,750.56
0.0%
Silver
22.43
0.0%
Palladium
1,974.50
0.0%
Platinum
987.00
0.0%
Brent Crude
78.09
+1.1%
Top 40
57,643
0.0%
All Share
64,049
0.0%
Resource 10
57,254
0.0%
Industrial 25
82,879
0.0%
Financial 15
14,316
0.0%
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot
Voting Booth
What potential restrictions on unvaccinated South Africans may make the biggest difference to public health, the economy?
Please select an option Oops! Something went wrong, please try again later.
Results
Limited access to restaurants and bars
11% - 136 votes
Limited access to shopping centres
15% - 177 votes
Limited access to live events, including sport matches and festivals
26% - 319 votes
Workplace vaccine mandates
48% - 584 votes
Vote