as

How to protect yourself from the Petya - Exptr virus

Petya - also called NotPetya or ExPtr due to confusion about its origin - is a new wiper virus that attacks computers worldwide, blocking machines with encryption, and has already arrived in Brazil. Discovered on Tuesday (27), it exploits the same Windows flaw used by WannaCry, but seems to be even more powerful. The generated malicious code encrypts entire hard drives of computers at boot (not just their folders), thus preventing the PC from working. There is still no definitive solution, but there are precautions to avoid being infected.

Protect yourself from the threat that affects companies with networked PCs.

Microsoft confirms 12, 000 PCs infected with Petya, including Brazil

Internet Archive creates Virus Museum and simulates malware like Crash on your computer

App: Get tech news on mobile

Initially linked to Petya ransomware, which emerged in 2016, the new malware was later considered very different from the original. Therefore, experts began to adopt a new name: NotPetya or ExPtr.

Read: Petya is not a ransomware, it's a wiper

The virus, like WannaCry, exploits the flaw in Windows SMB1 and behaves like a worm, propagating itself by a local network, especially from small and medium businesses - such as supermarkets, with boxes on sequential PCs, all on the same connection . In addition, the danger also spreads through contaminated e-mail attachments and links. That is, even on PCs updated with the Microsoft patch, it is possible to contract the virus in other ways on the Internet.

How to protect myself from network propagation?

Use advanced antivirus tools

Antivirus software with more advanced modes of protection that can reduce the chances of infection by types of ransomware. Enabling features that allow application privilege control tends to speed up virus detection and block a threat before it infects the PC.

Kaspersky also recommends that corporate clients use "Application Privilege Control" to deny any access (and therefore possibility of interaction or execution) for all application groups to the file named "perfc.dat" and the PSexec utility.

Disable Windows SMB1

Windows SMB1 has been the gateway to threats like WannaCry and now NotPetya on networked PCs. One of the measures to prevent contamination is to shut down the operating system service, preventing it from being used by hackers even if the computer is outdated. Here's how to turn off the feature.

Update your PC with Windows Update

Microsoft has released updates that protect the user against Petya. One of them is the same fix for WannaCry, released in March: MS17-010. The other one is the update of Windows Defender, the official antivirus that already comes installed in Windows. The two protective measures can be obtained free of charge. Just click a button to download automatically in Windows 10 through Windows XP.

Update the antivirus database

Antivirus companies are running out of time to detect ExPtr, so it's worth updating the programs on your PC as fast as possible. With the latest database, chances are greater of protecting yourself from the threat and blocking the virus before it infects your computer.

How to protect yourself on the personal computer?

One of Petya's main differences to WannaCry is its ability to spread through links and email attachments. This makes the virus more dangerous to end users, who are not connected to an enterprise network, but may receive an infected message. Here's how to stay safe.

Be wary of attachments and links coming from strangers

The general caution against email infection also applies to Petya. Avoid at all costs opening links and attachments from unknown senders. Pay special attention to the e-mail domain and be wary of extraneous addresses. When in doubt, answer the message by asking about the content. As hacker emails are generated automatically, you will rarely receive an elaborate response.

Beware of shortened links

Even if links are received by trusted senders, suspect the shortened ones. This type does not expose the original URL and can serve to deceive the user and attract clicks without attention. One tip to protect yourself is to use services like CheckShortURL (checkshorturl.com), which expands shortened links and reveals your real address.

Turn off autorun of media

Pendrives that have connected to infected computers can also bring the hidden Petya. Avoid using media devices plugged into unreliable PCs and turn off autoplay - learn to disable autorun.

How to choose a good antivirus; video