Yesterday, it was reported that another ransomware attack was taking place in Europe with high concentrations of affected computers being located in Russia and Ukraine. The malware locks the files on the computer and demands a payment, then victims were instructed to write an email to the hackers to get their files unlocked.
Unfortunately for those affected, paying the ransom is pointless. The creator of the virus had an email account hosted with Posteo, the latter has announced that their anti-abuse team has blocked the account, citing misuse of the platform.
The implications of the account being blocked are two-fold:
- Since midday (27 June), it is no longer possible for the blackmailers to access the email account or send emails.
- Sending emails to the account is no longer possible either.
The only options that remain now for those affected are a complete re-installation of the operating system, wiping away all files and the malware in the process, or waiting to see whether a fix is released.
The anti-virus company, Kaspersky, instructs individual users to update anti-virus databases manually and ensure that all Windows updates are installed on the system; Microsoft has previously patched an exploit called EternalBlue which is leveraged in the latest attack to propagate the ransomware.
Source: Posteo