Another Massive Ransomware Attack Spreads Around the World

Be careful what you click on.


The Petya ransomware in actionDS-Tech/YouTube

Let our journalists help you make sense of the noise: Subscribe to the Mother Jones Daily newsletter and get a recap of news that matters.

A month after the WannaCry ransomware hobbled hundreds of thousands of computers around the world, another major ransomware attack is making its way across Europe, Russia, the United States, and elsewhere—locking the victims’ computers and demanding ransom payments.

“We are talking about a cyberattack,” Anders Rosendahl, a spokesman for A.P. Moller-Maersk, a massive Danish shipping company, told the Associated Press after the firm was hit by the malicious software. “It has affected all branches of our business, at home and abroad.” 

According to cybersecurity firm Symantec, the attack makes use of the “EternalBlue” exploit developed by the National Security Agency called to take advantage of a flaw in the Microsoft Windows operating system. (Microsoft recently released a patch intended to address this flaw.) That exploit made its way into the wild after a group calling itself The Shadow Brokers dumped what it said was a suite of NSA hacking tools on the internet in April. The Shadow Brokers first came on the scene in August 2016 when they claimed to have hacked a server containing a host of tools used by the Equation Group, a hacking group thought to be associated with the NSA.

Initial reports dubbed the attack “Petya,” a version of previously detected malware, but information security firm Kaspersky Lab said Tuesday’s attack was something “that has not been seen before,” according to Patrick O’Neill of Cyberscoop.

Whoever was behind Tuesday’s wave of ransomware apparently demanded $300 worth of Bitcoin to unlock the affected computers. “If you see this text, then your files are no longer accessible because they have been encrypted,” the attackers wrote in a message posted on a victim’s computer screens. “Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our decryption service.”

As of about 2 p.m. ET Tuesday, 24 payments had been made to the address listed by the hackers, totaling about $6,000.

Merck, a US-based pharmaceutical company, said Tuesday that its computer network was also damaged “as part of the global hack” and that the company was investigating the matter. DLA Piper, a US-based global law firm, had its phones and computers affected by the bug. The Chernobyl nuclear power plant also reportedly switched to manual radiation monitoring because of the attack. Rosneft, a massive Russian energy company, said it had been impacted, as well.


Headshot of Editor in Chief of Mother Jones, Clara Jeffery

It sure feels that way to me, and here at Mother Jones, we’ve been thinking a lot about what journalism needs to do differently, and how we can have the biggest impact.

We kept coming back to one word: corruption. Democracy and the rule of law being undermined by those with wealth and power for their own gain. So we're launching an ambitious Mother Jones Corruption Project to do deep, time-intensive reporting on systemic corruption, and asking the MoJo community to help crowdfund it.

We aim to hire, build a team, and give them the time and space needed to understand how we got here and how we might get out. We want to dig into the forces and decisions that have allowed massive conflicts of interest, influence peddling, and win-at-all-costs politics to flourish.

It's unlike anything we've done, and we have seed funding to get started, but we're looking to raise $500,000 from readers by July when we'll be making key budgeting decisions—and the more resources we have by then, the deeper we can dig. If our plan sounds good to you, please help kickstart it with a tax-deductible donation today.

Thanks for reading—whether or not you can pitch in today, or ever, I'm glad you're with us.

Signed by Clara Jeffery

Clara Jeffery, Editor-in-Chief

payment methods

We Recommend