Goldeneye cyberattack

GOLDENEYE VIRUS

A timeline over the latest cyberattack

 

When

The cyberattack named Goldeneye-virus hit on Tuesday the 27th of June 2017.

The virus, spreading internally within networks, was very similar to the previous Petya-virus and came to life via a Posteo          email-address.

The germain email provider Posteo closed the email-address quickly on the same day of the attack.

What

Goldeneye is the computer-virus that attacked Windows-systems on PC thanks to the EternalBlue hacking-tool. EternalBlue is a technology used to penetrate PCs whose Windows operating system has still not been updated with Microsoft’s security fix from March 2017.

Goldeneye is programmed to code or crypt files on computer and thereafter require ransom to deliver a code to regain access to the files.

Where

It is said to have started in Ukraine where it affected government organizations, banks, ATMs, airport and metro systems.

It quickly spread to large European and American firms.

Maersk got attacked around 1.30PM, affecting most of the company’s global cargo booking system.

Ransom

Hackers demanded 300USD pr. computer to be payed in bitcoins, which is a cryptocurrency and digital payment system. Rumanian IT-safety company Bitdefender assumes the virus was not created to make money, but to spread fast and cause damage.

What now

If you are affected by the ransomware:

Switch the computer off to avoid the files being crypted. Do not pay the ransom, as the email-address has been shut down and therefore contact is no longer possible with the hacker party. Reformat your hard drive and reinstall your files from a backup.

I am text block. Click edit button to change this text. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus,

SUBSCRIBE TO NORDIC IT NEWS

Make sure never to miss a story from Nordic IT.
Sign up to get an email once a month with the latest stories.