Petya Variant Ransomware: How to Detect the Vulnerability and Exploits

Watch the Webcast On-Demand

Watch It Now!

We'll be adding the on-demand archive for this webinar shortly. Register now and we'll send you the link via e-mail as soon as it's ready.

As you've likely heard, a variant of the Petya malware is spreading rapidly and is known to have affected organizations worldwide, regardless of size. This variant of Petya follows a similar attack method to last month's WannaCry ransomware, though it uses the PsExec and WMI services for distribution.

Once compromised, the ransomware will overwrite the Master Boot Record (MBR), encrypt individual files that match a list of file extensions (including documents, archives, and more), and after a reboot of the system will present the user a message requesting a ransom in Bitcoin to decrypt the system.  As with WannaCry, the ETERNALBLUE exploit toolkit (which was released by the Shadow Brokers group in April 2017) is suspected to be a key part of the attack. 

Join us for a 30-minute technical webcast to learn more about this Petya variant, and how the unified security controls in AlienVault USM Anywhere can help you quickly identify vulnerable systems and attacks.

You'll learn:

  • What the AlienVault Labs security research team has uncovered about this threat
  • How to scan your environment (cloud and on-premises) for critical vulnerabilities with AlienVault USM
  • How AlienVault USM leverages threat intelligence for early detection of threats like this variant of Petya
  • How built-in response orchestration capabilities in AlienVault USM can stop the threat from spreading

Meet Your Host

Sacha Dawes

Sacha Dawes

Principal Product Marketing Manager at AlienVault

Sacha joined AlienVault in Feb 2017, where he is responsible for the technical marketing of the AlienVault Unified Security Management (USM) family of solutions. He brings multiple years of experience from product management, product marketing and business management roles at Microsoft, NetIQ, Gemalto and Schlumberger where he has delivered both SaaS-delivered and boxed-product solutions that address the IT security, identity and management space. Originally from the UK, Sacha is based in Austin, TX.