Petya and Mischa ransomware bundled in one malicious payload

Cybergang bundles ransomwares Petya and Mischa into one payload.
Cybergang bundles ransomwares Petya and Mischa into one payload.

Cybercriminals have bundled Petya and Mischa ransomware together into one payload for the purpose of using brute force to infect users on multiple fronts.

As intriguing as the satellites in the James Bond film GoldenEye that they're named for, Petya and Mischa deploy attacks on different levels of the victim's systems and are primarily distributed in targeted campaigns via malicious emails, according to a Malwarebytes blog post.

The duo even plays off of each other's strengths and weakness.

“Since PETYA can't do his evil work without administrative privileges, MISCHA launches when those can't be obtained,” the threat actors behind the cyberattacks said in a bitmessage to new recruits, according the Malwarebytes post.

Researchers suspect that the group behind the attack is also the same group that released the Chimera and the Rokku ransomwares. 

To avoid infection, they recommended that users pay more attention to their email attachments. 

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS