Petya: A Vaccine

Petya: A Vaccine


Cyber security researchers have discovered a vaccine to tackle the Petya infection that crippled Microsoft Windows-based networks across the globe on Tuesday. The virus, a resurgent strain of the ransomware Petya, has infected more than 12,000 machines in 64 countries.


It should be noted that the vaccine, although a defence, does not stop the infection, nor does it stop its transference to other computers. With this in mind, this vaccine will not kill the bug entirely and each computer will need to apply the solution individually pre-infection.


The simple antidote: create a file called “perfc” in the C:\Windows folder and make the file ‘read-only’.


To do this, you can simply copy and paste the notepad.exe file inside C:\Windows, change the name of the copied file to perfc, accept the file name extension change, and modify the properties of the file to be ‘read-only.’


All of Aware’s MSP clients will be updated with the full vaccine today, several hundred computers within an hour.


If you want to be prepared for future threats, need help remediating an existing threat or just want to understand what solutions are available you can contact Aware at info@aware.co.th.


Reference links.