Another Massive Ransomware Attack Spreads Around the World

Be careful what you click on.

Petya

The Petya ransomware in actionDS-Tech/YouTube

Fight disinformation: Sign up for the free Mother Jones Daily newsletter and follow the news that matters.

A month after the WannaCry ransomware hobbled hundreds of thousands of computers around the world, another major ransomware attack is making its way across Europe, Russia, the United States, and elsewhere—locking the victims’ computers and demanding ransom payments.

“We are talking about a cyberattack,” Anders Rosendahl, a spokesman for A.P. Moller-Maersk, a massive Danish shipping company, told the Associated Press after the firm was hit by the malicious software. “It has affected all branches of our business, at home and abroad.” 

According to cybersecurity firm Symantec, the attack makes use of the “EternalBlue” exploit developed by the National Security Agency called to take advantage of a flaw in the Microsoft Windows operating system. (Microsoft recently released a patch intended to address this flaw.) That exploit made its way into the wild after a group calling itself The Shadow Brokers dumped what it said was a suite of NSA hacking tools on the internet in April. The Shadow Brokers first came on the scene in August 2016 when they claimed to have hacked a server containing a host of tools used by the Equation Group, a hacking group thought to be associated with the NSA.

Initial reports dubbed the attack “Petya,” a version of previously detected malware, but information security firm Kaspersky Lab said Tuesday’s attack was something “that has not been seen before,” according to Patrick O’Neill of Cyberscoop.

Whoever was behind Tuesday’s wave of ransomware apparently demanded $300 worth of Bitcoin to unlock the affected computers. “If you see this text, then your files are no longer accessible because they have been encrypted,” the attackers wrote in a message posted on a victim’s computer screens. “Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our decryption service.”

As of about 2 p.m. ET Tuesday, 24 payments had been made to the address listed by the hackers, totaling about $6,000.

Merck, a US-based pharmaceutical company, said Tuesday that its computer network was also damaged “as part of the global hack” and that the company was investigating the matter. DLA Piper, a US-based global law firm, had its phones and computers affected by the bug. The Chernobyl nuclear power plant also reportedly switched to manual radiation monitoring because of the attack. Rosneft, a massive Russian energy company, said it had been impacted, as well.

WHO DOESN’T LOVE A POSITIVE STORY—OR TWO?

“Great journalism really does make a difference in this world: it can even save kids.”

That’s what a civil rights lawyer wrote to Julia Lurie, the day after her major investigation into a psychiatric hospital chain that uses foster children as “cash cows” published, letting her know he was using her findings that same day in a hearing to keep a child out of one of the facilities we investigated.

That’s awesome. As is the fact that Julia, who spent a full year reporting this challenging story, promptly heard from a Senate committee that will use her work in their own investigation of Universal Health Services. There’s no doubt her revelations will continue to have a big impact in the months and years to come.

Like another story about Mother Jones’ real-world impact.

This one, a multiyear investigation, published in 2021, exposed conditions in sugar work camps in the Dominican Republic owned by Central Romana—the conglomerate behind brands like C&H and Domino, whose product ends up in our Hershey bars and other sweets. A year ago, the Biden administration banned sugar imports from Central Romana. And just recently, we learned of a previously undisclosed investigation from the Department of Homeland Security, looking into working conditions at Central Romana. How big of a deal is this?

“This could be the first time a corporation would be held criminally liable for forced labor in their own supply chains,” according to a retired special agent we talked to.

Wow.

And it is only because Mother Jones is funded primarily by donations from readers that we can mount ambitious, yearlong—or more—investigations like these two stories that are making waves.

About that: It’s unfathomably hard in the news business right now, and we came up about $28,000 short during our recent fall fundraising campaign. We simply have to make that up soon to avoid falling further behind than can be made up for, or needing to somehow trim $1 million from our budget, like happened last year.

If you can, please support the reporting you get from Mother Jones—that exists to make a difference, not a profit—with a donation of any amount today. We need more donations than normal to come in from this specific blurb to help close our funding gap before it gets any bigger.

payment methods

WHO DOESN’T LOVE A POSITIVE STORY—OR TWO?

“Great journalism really does make a difference in this world: it can even save kids.”

That’s what a civil rights lawyer wrote to Julia Lurie, the day after her major investigation into a psychiatric hospital chain that uses foster children as “cash cows” published, letting her know he was using her findings that same day in a hearing to keep a child out of one of the facilities we investigated.

That’s awesome. As is the fact that Julia, who spent a full year reporting this challenging story, promptly heard from a Senate committee that will use her work in their own investigation of Universal Health Services. There’s no doubt her revelations will continue to have a big impact in the months and years to come.

Like another story about Mother Jones’ real-world impact.

This one, a multiyear investigation, published in 2021, exposed conditions in sugar work camps in the Dominican Republic owned by Central Romana—the conglomerate behind brands like C&H and Domino, whose product ends up in our Hershey bars and other sweets. A year ago, the Biden administration banned sugar imports from Central Romana. And just recently, we learned of a previously undisclosed investigation from the Department of Homeland Security, looking into working conditions at Central Romana. How big of a deal is this?

“This could be the first time a corporation would be held criminally liable for forced labor in their own supply chains,” according to a retired special agent we talked to.

Wow.

And it is only because Mother Jones is funded primarily by donations from readers that we can mount ambitious, yearlong—or more—investigations like these two stories that are making waves.

About that: It’s unfathomably hard in the news business right now, and we came up about $28,000 short during our recent fall fundraising campaign. We simply have to make that up soon to avoid falling further behind than can be made up for, or needing to somehow trim $1 million from our budget, like happened last year.

If you can, please support the reporting you get from Mother Jones—that exists to make a difference, not a profit—with a donation of any amount today. We need more donations than normal to come in from this specific blurb to help close our funding gap before it gets any bigger.

payment methods

We Recommend

Latest

Sign up for our free newsletter

Subscribe to the Mother Jones Daily to have our top stories delivered directly to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate