
Petya and Mischa ransomware bundled in one malicious payload


Cybercriminals have bundled Petya and Mischa ransomware together into one payload for the purpose of using brute force to infect users on multiple fronts.

As intriguing as the satellites in the James Bond film GoldenEye that they're named for, Petya and Mischa deploy attacks on different levels of the victim's systems and are primarily distributed in targeted campaigns via malicious emails, according to a Malwarebytes blog post.

The duo even plays off of each other's strengths and weaknesses.

“Since PETYA can't do his evil work without administrative privileges, MISCHA launches when those can't be obtained,” the threat actors behind the cyberattacks said in a Bitmessage to new recruits, according to the Malwarebytes post.

Researchers suspect that the group behind the attack is the same group that released the Chimera and Rokku ransomware.

To avoid infection, they recommended that users pay more attention to their email attachments. 
