Home Malware Programs Ransomware Peta Ransomware

Peta Ransomware

Posted: September 4, 2019

The Peta Ransomware is a file-locking Trojan from the family of the STOP Ransomware or Djvu Ransomware. Its attacks will keep your files from opening, change the extensions on their names, and leave behind ransom notes. Users should establish backups for protecting their work and have anti-malware solutions available for deleting the Peta Ransomware or preventing infections.

Clearing Up Names to Keep Files Safe

A naming convention isn't always just a convenience; with a file-locking Trojan, it can be the difference between getting your files back and losing them permanently. Due to their dependency on compatible decryptors, reversing the impact of a file-locking Trojan infection requires identifying the threat accurately. Unfortunately, something like the Peta Ransomware can make this usually-simple feat a little convoluted.

The Peta Ransomware name, based off of the extension it uses for flagging the files that it imprisons, only is one letter off from the well-know Petya Ransomware family, which also includes copycats like ASCII art-abusing Petya+ Ransomware. However, unlike both of them, the Peta Ransomware is a part of the STOP Ransomware family, also known as Djvu Ransomware. This Ransomware-as-a-Service family includes numerous variants, each with different extensions, but the majority of attacks in common with each other.

For its payload, malware experts warn potential victims of the usual dangers in file-locker Trojan infections. The Peta Ransomware may erase the user's Restore Points, encrypt media like documents, and create text ransom messages that sell its decryption help. Using an incorrect decryptor will make the file unrecoverable genuinely, and users always should back their media up before experimenting with any means of 'unlocking' it.

Pushing Your Files Out of Harm's Way

So far, malware analysts are counting at least one victim in Indonesia, which makes the Peta Ransomware's campaign typical for its Asia-oriented family. However, the STOP Ransomware versions like the Gero Ransomware, the Londec Ransomware, the Mogranos Ransomware, or the Besub Ransomware can appear anywhere in the world virtually. In all cases, having a backup somewhere else is an efficient way of countering any ransoming leverage that the Trojan tries to gain by encrypting your work.

Further precautions can prevent infections from happening at all, in a majority of attack attempts. Users can disable features such as Flash from their browsers and avoiding clicking on advertisements offering free software or updates. Network administrators also should pay close attention to their login credentials and avoid using out-of-date software infrastructure with publicly-known vulnerabilities. Illegal software downloads also have a strong correlation with attacks from the Peta Ransomware's family.

For a final line of defense, most anti-malware services provide adequate protection from this family and will delete both the Peta Ransomware and all its relatives virtually.

Those who suffer from the Peta Ransomware's effects will be lucky if they experience a form of it that's compatible with freeware decryptors. In most cases, that's not the case, and the key to their files remains in the criminals' hands – whether or not the ransom gets paid.

Loading...