GOLDENEYE VIRUS
A timeline over the latest cyberattack
When
The cyberattack named Goldeneye-virus hit on Tuesday the 27th of June 2017. The virus, spreading internally within networks, was very similar to the previous Petya-virus and came to life via a Posteo email-address.
The germain email provider Posteo closed the email-address quickly on the same day of the attack.
What
Goldeneye is the computer-virus that attacked Windows-systems on PC thanks to the EternalBlue hacking-tool. EternalBlue is a technology used to penetrate PCs whose Windows operating system has still not been updated with Microsoft’s security fix from March 2017.
Goldeneye is programmed to code or crypt files on computer and thereafter require ransom to deliver a code to regain access to the files.
Where
It is said to have started in Ukraine where it affected government organizations, banks, ATMs, airport and metro systems.
It quickly spread to large European and American firms.
Maersk got attacked around 1.30PM, affecting most of the company’s global cargo booking system.
Ransom
Hackers demanded 300USD pr. computer to be payed in bitcoins, which is a cryptocurrency and digital payment system. Rumanian IT-safety company Bitdefender assumes the virus was not created to make money, but to spread fast and cause damage.
What now
If you are affected by the ransomware:
Switch the computer off to avoid the files being crypted. Do not pay the ransom, as the email-address has been shut down and therefore contact is no longer possible with the hacker party. Reformat your hard drive and reinstall your files from a backup.
