Petya, the latest ransomware, is the newest data security threat seeking to encrypt your files. Although there is no cure for it yet, a researcher has come up with a clever way to prevent an infection merely by creating a single file, which should take you less than a couple of minutes.
On Tuesday, Petya caused quite a bit of mayhem in various countries around the world, including:
It has affected various companies, including airports, banks, and energy companies.
According to researchers, the EternalBlue SMB exploit was used to propagate the ransomware. Amit Serper, a data security researcher, concluded that the ransomware looks for a particular file on the system. If that file is found, the ransomware will exit and not encrypt any files.
So, to protect yourself, you need to:
- Navigate to C:\Windows
- Create an extensionless file named perfc (easily done through Notepad)
- Set the file to-read only
That’s it! It should be noted that this will not help you if you’ve already been infected. However, for those who are worried about a potential infection, this will provide protection from the current variant of Petya.
This is not a kill-switch for the ransomware, but it certainly can help protect individual computers. Unfortunately, it may not work forever, since the Petya ransomware operators can modify the code to make this measure useless.
Finally, if you have already been infected, not even paying the ransom will help, since the decryption email address has been blocked.