Share

Hackers made less than R26 000 off Petya global cyber attack

accreditation

Johannesburg - Hackers made less than R26 000 off the massive Petya malware attack which has affected computers globally - including thousands in South Africa - since Tuesday night.

Carey van Vlaanderen, CEO of ESET Southern Africa, told Fin24 that the financial gain was significantly lower during the Petya Attack, compared to the recent WannaCry virus. 

“The impact of the Petya virus was not nearly as serious as WannaCry. However, it spread in similar situations to the recent attack,” she said.  

Despite the financial gain of around $2 000 by the hackers responsible for the Petya attack, Van Vlaanderen said that the virus incurred serious monetary costs for companies. 

READ: Up to million computers hit in biggest cyber attack ever

“The Petya attack spread very similarly to how the WannaCry virus did, with Windows machines around the world vulnerable to the virus,” said Van Vlaanderen.

The virus originated in Ukraine, with ‘patient zero’ seeing 75.24% of the spread, followed by 9.06% in Germany and 5.81% in Poland. 

South Africa saw thousands of infections but featured far down the list, suffering only 0.03% of the total attack. 

ESET researchers have located the point from which this global epidemic started. 

Attackers have successfully compromised the accounting software M.E.Doc, popular across various industries in Ukraine, including financial institutions. 

Several of them executed a trojanised update of M.E.Doc, which allowed attackers to launch the massive ransomware campaign which spread across the whole country and to the whole world. 

READ: Here's how to protect yourself against WannaCry and other malware

Numerous reports are coming out on social media about a new ransomware attack in Ukraine which could be related to the Petya family, currently detected by ESET as Win32/Diskcoder.C Trojan. 

It appears to be using a combination of the SMB exploit (EternalBlue) used by WannaCryptor for getting inside the network, then spreading through PsExec for spreading within the network.

ESET said this dangerous combination may be the reason why this outbreak has spread globally and rapidly, even after the previous outbreaks have generated media headlines and most vulnerabilities have hopefully been patched. 

The WannaCry virus which surfaced in May was seen as the biggest attack of 2017, with between 400 000 and 1 million devices affected globally.

Read Fin24's top stories trending on Twitter:

We live in a world where facts and fiction get blurred
Who we choose to trust can have a profound impact on our lives. Join thousands of devoted South Africans who look to News24 to bring them news they can trust every day. As we celebrate 25 years, become a News24 subscriber as we strive to keep you informed, inspired and empowered.
Join News24 today
heading
description
username
Show Comments ()
Rand - Dollar
18.97
-0.1%
Rand - Pound
24.10
+0.0%
Rand - Euro
20.61
-0.1%
Rand - Aus dollar
12.37
+0.4%
Rand - Yen
0.13
+0.5%
Platinum
906.50
-1.8%
Palladium
1,010.52
+0.4%
Gold
2,156.15
-0.2%
Silver
24.97
-0.3%
Brent Crude
86.89
+1.8%
Top 40
65,948
-0.5%
All Share
72,132
-0.4%
Resource 10
53,232
-0.2%
Industrial 25
99,741
-0.7%
Financial 15
16,581
-0.3%
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot
Editorial feedback and complaints

Contact the public editor with feedback for our journalists, complaints, queries or suggestions about articles on News24.

LEARN MORE
Government tenders

Find public sector tender opportunities in South Africa here.

Government tenders
This portal provides access to information on all tenders made by all public sector organisations in all spheres of government.
Browse tenders