EXPLANATION FROM ICTA-TrCERT ABOUT PETYA MALWARE

-

4/7/2017

Information and Communication Technologies Authority (ICTA)-Computer Emergency Response Team of Turkey (Tr-CERT) were explained Petya malware harming systems in various countries worldwide and protection ways from it.


Within the explanation that states Petya malware harming the systems similar with WannaCry malware spreads by using fishing e-mails and out-of-services (SMB-Server Message Block), those statements took place “The Petya malware is placed in Office documents using a vulnerability in Microsoft Office Software (CVE-2017-0199) and sent in the form of fake e-mails. As WannaCry malware, Petya malware which makes unusable by encrypting to infected systems is also demands Bitcoin to open these encrypted systems.”


Within the explanation, the ways of protection from Petya malware are listed as follows:


1- Making related updates (MS17-010 - https://technet.microsoft.com/en-us/library/security/ms17-010.aspx),


2- Using a current antivirus,


3- Turning off SMB service when not in use,


4- Being wary of phishing e-mails that are intriguing and not opening their attachments


are suggested.


Within the explanation it is also recommended, "Institutions affected by the relevant malware should immediately report to USOM- ihbar@usom.gov.tr by filling out the cybercrime evaluation form at the attachment."


Within the country, Tr-CERT, which is responsible for identifying and preventing domestic and foreign cyber threats, can be reached at:


Computer Emergency Response Team of Turkey (USOM-Tr-CERT)


Phone: (0312) 586 53 05 / (0549) 779 87 85


Web: www.usom.gov.tr


E-mail : ihbar@usom.gov.tr / iletisim@usom.gov.tr


Social Media: https://twitter.com/trcert


RSS: http://www.usom.gov.tr/feeds.html

Information and Communication Technologies Authority of TURKEY

Eskişehir Yolu 10.Km No:276 06530 Çankaya/Ankara
© 2017 ICTA of Turkey - All rights reserved