Large 'Petya' Cyberattack Hits Ukraine, And Experts Say It Could Spread


Europol said it is investigating the attack as well.

In the U.S., Department of Homeland Security spokesman Scott McConnell says the agency is "monitoring reports of cyber attacks affecting multiple global entities and is coordinating with our worldwide and domestic cyber partners".

In a paper for IEEE Security, researchers from Cyberpion and Israel's College of Management Academic Studies describe a "Password Reset Man-in-the-Middle Attack" that leverages a bunch of clever insights into how password resets work to steal your email account (and other kinds of accounts), even when it's protected by two-factor authentication.

Some 2000 attacks were observed as of midday in NY on Tuesday (Wednesday NZT), according to Kaspersky Lab. Russia and Ukraine were most affected, with other victims spread across countries including Britain, France, Germany, Italy, Poland and the United States, the security software maker said.

Unlike the attack from the WannaCry virus in May, which seized control of hundreds of thousands of computers and spread disruption around the world, researchers tell ABC News that today's ransomware has no known kill switch, which was used to limit the WannaCry attack.

"Unfortunately, businesses are still not ready and now more than 80 companies are affected", said Nikolay Grebennikov, vice president for R&D at data protection firm Acronis. Overall, "WannaCry" hit 230,000 computers in 150 countries, including the U.S. Microsoft issued a patch for the exploit in March. The malware uses the NSA's Eternal Blue exploit, which was leaked by Shadow Brokers.

Ukraine's security experts are working to fix the problem, the government portal says.

Russia's leading oil producer said the attack "could have had serious consequences" but said that thanks to a back-up system "the production and extraction of oil were not stopped".

Florida Captures First Title in School History
Florida jumped on LSU's all-time wins leader Jared Poche early for two runs after a trio of errors in the first and second inning. Janczak, who struggled against the Gators last Sunday, struck out seven, walked none and scattered seven hits in seven innings.

As reports of the attack spread quickly, the Ukrainian government said that several of its ministries, local banks and metro systems had been affected.

The Danish shipping giant said it had been hit across multiple regions by a computer outage.

In a message sent using its verified Twitter account, Merck confirmed Tuesday that its computer network was "compromised" as part of a global attack. "Perhaps you are busy looking to recover your files but don't waste your time". According to an image posted on Twitter (which you can see above), the malware encrypts the files on a user's system then demands victims pay $300 worth of bitcoin to recover access to their files.

And French construction materials company St Gobain has said that it had fallen victim.

An adviser to Ukraine's interior minister told Reuters that the virus first got into computer systems via "phishing" emails written in Russian and Ukrainian. One consumer lender, Home Credit, had to suspend client operations.

The newspaper said computer systems monitoring radiation at Chernobyl, the site of a catastrophic nuclear accident in 1986, were knocked offline.

Signs that this is a new strain led Kaspersky Lab malware analyst Vyacheslav Zakorzhevsky to say the outbreak comes from a "new ransomware we haven't seen before".