New global cyberattack spreads across Europe
Reports say virus uses same hacking tool and weaknesses as those exploited by WannaCry in May
MOSCOW/KIEV: A ransomware attack hit computers across the world on Tuesday, taking out servers at Russia’s biggest oil company, disrupting operations at Ukrainian banks, and shutting down computers at multinational shipping and advertising firms.
Cyber security experts said those behind the attack, dubbed GoldenEye, appeared to have exploited the same type of hacking tool used in the WannaCry ransomware attack that infected hundreds of thousands of computers in May before a British researcher created a kill-switch.
“It’s like WannaCry all over again,” said Mikko Hypponen, chief research officer with Helsinki-based cyber security firm F-Secure.
The US department of homeland security said it was monitoring reports of cyber attacks around the world and coordinating with other countries.
The first reports of organisations being hit emerged from Russia and Ukraine, but the impact quickly spread to computers in Romania, the Netherlands, Norway, and Britain.
A Ukrainian media company said its computers were blocked and it had a demand for $300 worth of the Bitcoin crypto-currency to restore access to its files.
“If you see this text, then your files are no longer accessible, because they have been encrypted. Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our decryption service,” the message said.
Experts said the latest ransomware attacks unfolding worldwide, were a variant of an existing ransomware family called Petya.
Russian security software maker Kaspersky Lab, however, said its preliminary findings suggested the virus was not a variant of Petya but a new ransomware not seen before.