back to top
Tech

Companies In Europe Are Being Hit By A Massive Ransomware Attack

Companies in the UK, France, Denmark, and Ukraine said Tuesday that they had come under cyber attack.

Posted on

Businesses in several European countries reported falling victim to a massive ransomware attack on Tuesday.

New strain of #petya ransomware spreading in Europe. Symantec protects as Ransom.Petya #ransomware

A screenshot posted by digital security firm Symantec showed a screen with red text reading, "If you see this text, then your files are no longer accessible, because they have been encrypted," and demanding $300 worth of bitcoin in ransom.

A spokesperson for the security firm told BuzzFeed News the ransomware is associated with a bitcoin account which has so far received nine payments. The Symantec spokesperson said that the ransomware functions by using the same vulnerabilities as a virus that struck worldwide in May.

But a Russian cybersecurity firm, Kaspersky Lab, said their investigations indicate that this most recent attack uses ransomware that hasn't been seen before — and isn't a variation on Petya, a known type of malware, as other analysts originally reported.

"Our preliminary findings suggest that it is not a variant of Petya ransomware as publicly reported, but a new ransomware that has not been seen before. That is why we have named it NotPetya," a spokesperson for the firm told BuzzFeed News in a statement.

The lab estimates that 2,000 companies have been attacked so far, with organizations in Russia and Ukraine most affected. They said they have also detected attacks on American, Polish, Italian, British, German and French companies.

The firm said the attack appears to be coming from several sources.

"This appears to be a complex attack which involves several attack vectors," the spokesperson said.

Companies in the UK, France, Denmark, and Ukraine reported on Twitter that they had been targeted in Tuesday's attack. The Ukrainian energy national energy distributor and an airport in Kiev were among those affected.

The Ukrainian government posted the following on Twitter in response to the attack.

Some of our gov agencies, private firms were hit by a virus. No need to panic, we’re putting utmost efforts to tack… https://t.co/OZez5RfehL

The Ukrainian central bank said that an "unknown virus" was to blame for the latest attacks, according to Reuters.

A supermarket in Ukraine. The country is under cyberattack. via @golub


Danish shipping company Maersk also released a statement regarding the attacks.


British marketing firm WPP also said they had been targeted.

IT systems in several WPP companies have been affected by a suspected cyber attack. We are taking appropriate measures & will update asap.

The attacks come in the wake of May's major ransomware attack, WannaCry, which particularly affected the British National Health Service.

WannaCry infected more than 100,000 organizations in at least 150 countries, according to cybersecurity companies who observed its spread across the globe.

This is a developing story. Check back for updates and follow BuzzFeed News on Twitter.

CORRECTION

The ransom message posted by Symantec demanded $300 worth of bitcoin. A previous version of this post incorrectly reported the ransom was 300 bitcoin.

Nidhi Prakash is a reporter for BuzzFeed News and is based in New York

Contact Nidhi Prakash at nidhi.prakash@buzzfeed.com.

Got a confidential tip? Submit it here.