The latest ransomeware cyber-attack, caused by a virus from the family Petrwrap or Petya, is feared to be spreading fast across the world.
Affected computers displayed a message to pay $300 in Bitcoin to recover encrypted files.
“We believe this is another example of the Petya-based ransomware, which was first identified in 2016,” malware analyst Jakub Křoustek wrote in an Avast blog.
The attack was initially reported from Ukraine, where ministries, national bank, state power company, largest airport, local banks and metro systems had been severely affected.
Windows-based radiation sensors at Chernobyl nuclear power plant were shut down and had to turn on manual monitoring of radiation levels.
The attack is feared to be spreading across the world fast. In Russia, oil producer Rosneft and metal company Evraz have been affected by the attack. Danish shipping firm Maersk and British advertising agency WPP have become victims.
From the U.S., drug company Merck, multinational law firm DLA Piper etc confirmed attacks.
“The firm, like many other reported companies, has experienced issues with some of its systems due to suspected malware. We are taking steps to remedy the issue as quickly as possible,” a DLA Piper spokesperson said.
Germany’s cyber agency BSI informed that German firms also affected. It has asked companies and institutions in the country to report IT security incidents.
Latest media reports confirm that several companies and public institutions in Romania have been affected.
The latest series of attacks follows a month after the WannaCry attack hit the world, crashing thousands of computers globally. According to experts, the fresh virus is similar to that of WannaCry.
“There’s speculation that this new Petya version would be launched by the same people who were behind Wannacry, but we can’t confirm that,” Mikko Hypponen, chief research officer with Helsinki-based cyber security firm F-Secure tweeted.
India is also suspected to have affected by the attack. But, the country’s cyber security chief Sanjay Bahl told Reuters that there is no report of the ransomware hitting the country. France, Spain and the Netherlands are feared to have included in the target list.