• McAfee SNS Notice: Update on New Petya Ransomware Variants Reported

    From Lord Time@TIME to All on Fri Jun 30 23:00:00 2017
    Please bookmark the new SNS Subscription Center, to securely update your SNS subscription preferences. --------------------------------------------------- -----------------------------



    McAfee has reviewed multiple reports of modified Petya ransomware variants. McAfee Labs has analyzed and can confirm that McAfee Global Threat Intelligence (GTI) is protecting against current known samples at the low setting.

    Extensions currently known as being affected are: .3ds, .7z, .accdb, .ai, .asp, .aspx, .avhd, .back, .bak, .c, .cfg, .conf, .cpp, .cs, .ctl, .dbf, .disk, .djvu, .doc, .docx, .dwg, .eml, .fdb, .gz, .h, .hdd, .kdbx, .mail, .mdb, .msg, .nrg, .ora, .ost, .ova, .ovf, .pdf, .php, .pmf, .ppt, .pptx, .pst, .pvi, .py, .pyc, .rar, .rtf, .sln, .sql, .tar, .vbox, .vbs, .vcb, .vdi, .vfd, .vmc, .vmdk, .vmsd, .vmx, .vsdx, .vsv, .work, .xls, .xlsx, .xvd, .zip


    We have confirmed with the samples that SMB is being used as a propogation method, and are aware of reports that RDP may also be used but have yet to confirm this.


    After encryption, impacted systems may show a ransom screen and suggest a system reboot after which the system will not be accessible.


    McAfee has released V2 DAT [8574] and V3 DAT [3025.0] which covers the samples reviewed so far.

    Continuing Information

    McAfee will continue to post more information in Knowledge Base article KB89540 (https://kc.mcafee.com/corporate/index?page=content&id=KB89540) as available.

    To receive information about McAfee product updates, sign up for the Support Notification Service (SNS) at https://sns.secure.mcafee.com/signup_login.







    The McAfee Support Notification Service (SNS) delivers valuable product news to help increase the functionality and protection capabilities of your McAfee products.


    Securely manage your SNS email preferences. | Unsubscribe from all SNS communications. | For SNS questions, email us.
    For support issues access Technical Support, Service Portal, and the Knowledge Center. Enterprise (formerly Platinum) customers should contact their SAM for high severity issues. Visit the McAfee Community for product user groups and discussions. View the McAfee Privacy Notice.
    The information in this document is provided only for educational purposes and for the convenience of McAfee customers, is subject to change without notice, and is provided "AS IS" without guarantee or warranty as to the accuracy or applicability of the information to any specific situation or circumstance. McAfee logo is registered trademark of McAfee, LLC in the US and/or other countries. Other names and brands may be claimed as the property of others.

    Copyright ⌐2017 McAfee LLC. All rights reserved. McAfee LLC | 2200 Mission College Blvd. | Santa Clara | CA 95052-8119 | USA
    ---
    ■ Synchronet ■ Time Warp of the Future BBS - Home of League 10 IBBS Games