IN a new twist in the latest crippling ransomware attack spreading across the globe, victims are warning that files will not be released even if those affected pay up.
Companies across Britain, Europe and US have been crippled by the Petya virus, which locks workers out of their computers and demands payment.
The hackers request a sum of around £234 in bitcoin and email the receipt to an email address at [email protected]
Upon receiving a receipt, the hackers say they will decrypt any files and return the computer to normal working order.
But yesterday email provider Posteo announced that it had disabled that address – so the crooks won’t receive any emails that are sent.
Posteo wrote: “Midway through today we became aware that ransomware blackmailers are currently using a Posteo address as a means of contact.
“Our anti-abuse team checked this immediately and blocked the account straight away.
“There was no press coverage at that time.”
Victims had paid at least £7,000 worth of bitcoin by Wednesday morning – all of which may have paid in vain.
This means any victims who pay the ransom will not be able to send a receipt and will ultimately never get their files back by giving into their demands.
Security researchers were last night working against the clock to find a “kill switch” that could stop the rapidly spreading virus in its tracks.
The ransomware, which was initially identified as Petya but appears to be an entirely new strain of malicious code, uses what is known as “worm behaviour” and doesn’t require any human interaction to spread across company networks.
Experts advised victims who are met with the “red screen of doom” to turn off computers immediately.
The software only seizes the files on reboot, so while the computer is switched off the files are still saved on the CD or USB drive and is still recoverable.
Ransomware is software which is installed on a device by clicking on a bad link or attachment.
This usually happens when computers or phones are poorly protected.
In the case of WannaCry, computers running outdated Windows software were affected, for example.
Ransomware prevents access to anything on the computer and the user is requested to pay a fee for the release of their data.
Often, coughing up makes no difference, experts warn and it appears that in this case, it is no different.
British advertising giant WPP and the French industrial group Saint-Gobain all said they came under attack and put protection protocols in place to avoid data loss.
Ukraine was the worst hit, with government ministries, banks, utilities, telecom operators and major companies attacked.
Computers at the Chernobyl nuclear power plant have been infected, although there is not believed to be any risk of radioactive contamination.
Shipping giant A.P. Moller-Maersk, a firm which handles one out of seven containers shipped globally, said its systems were down across “multiple sites and business units due to a cyber attack”.
The crippling virus has forced the Danish company to halt operations at the fully automated Maasvlakte II terminal in Rotterdam.
Mondelez, the owners of Cadbury, was also hit in the devastating attack.
Russian oil giant Rosneft announced that its systems were hit by a “powerful hacking attack” carried out “against the company’s servers”.