What is Petna Ransomware?
We are usually dealing with ransomware programs that allow us or should allow us to restore the affected files to some extent. However, Petna Ransomware just tries to pass for a ransomware program, while in fact it is a so-called “wiper” that can successfully wipe out most of your files. Therefore, there is no way to decrypt the affected files, and the only thing you can do about Petna Ransomware is remove it. And even for that, we would recommend contacting professional computer security specialists because by having this infection on your computer you have become a victim of a global malware attack.
Where does Petna Ransomware come from?
The country that has been hit by this infection the most (Ukraine) will tell you that the Russians are responsible for creating and spreading this infection. Initially computer security experts thought that this program was a new version of the Petya Ransomware infection that was released last year. They thought so because the program used a similar code. However, after further investigation, it was easy to see that this new program had nothing to do with the ransomware from 2016.
Consequently, the new infection has more than one name now. In this article, we call it Petna Ransomware, but in other sources, you may also find it titled ExPetr, NotPetya, PetyaBlue, or PetrWrap. Whichever name you may see, you have to understand that it is still the same infection. It simply caused a lot of confusion in the cyber security world at first, and so the program ended up having a lot of different names.
However, now that the confusion has subsided, we can tell that Petna Ransomware does not get distributed via spam emails like most of the ransomware programs do. Instead, it makes use of an update from an accounting software firm. The software is called M.E.Doc, and at least 80% of the companies in Ukraine use this software. So if the criminal group behind this infection wanted to crack down most of the financial and business firms, they found a very good way to do that. What’s more, security service officials believe that the company that develops M.E.Doc could have been compromised, too. And thus their servers have been seized.
The evidence shows that the main purpose of the criminal group behind this was to disrupt business operations in Ukraine. However, the reason Petna Ransomware has spread beyond this country is that the criminals underestimated the infection’s spreading potential. Quite a few international companies have their offices in Ukraine, and so the program spread through their VPN networks into other countries, too. Some reports claim that the infection even shut down a chocolate factory in Australia.
What does Petna Ransomware do?
According to our research, the malicious application arrives at the target computer system as a DLL file. This allows the program to avoid detection even if the system has an antispyware program running. In fact, computer security experts point out that sometimes even having the newest software patches and the best security applications may not protect you from this infection. After all, Petna Ransomware was created to target big computer systems rather than individual PCs, so it is not surprising that some security measures are helpless against this threat.
Petna Ransomware does encrypt the files on the affected computer, but it leaves no way to recover them. Normally, ransomware programs come with installation ID, which contains a code that would eventually allow us to restore your files. This program, however, does not have such a code. Its installation ID contains random figures that cannot be read at all. Therefore, as mentioned, there is no way to retrieve the affected files.
How do I remove Petna Ransomware?
We do not recommend removing Petna Ransomware manually because this infection might be too dangerous to deal with it on your own. Please inform a technician and local cyber security service about the infection, and they should take care of this program for you.
You should also delete the affected files and then restore your data from an external backup, provided you have one. Perhaps you have a lot of files saved someplace else, but you are just not aware of that yet. Please consider all your options, because users often have copies of their files somewhere else without even realizing it.
100% FREE spyware scan and
tested removal of Petna Ransomware*
0 Comments.