An Israeli cybersecurity researcher discovered a way to thwart the ransomware attack that has plagued computers across the world this week, CNN reported Wednesday.
Amit Serper, a security researcher at Cybereason, found a way to reverse-engineer the NotPetya ransomware, which affected Windows-based computers in Ukraine, Russia, the United States, and much of Europe on Tuesday. The virus locks up a victim’s computer until they make a payment to the hackers. Security experts have warned victims not to issue any such payment, saying this will not help release their data.
While Serper is more familiar with Linux and Apple operating systems, he spent three hours parsing through the code during a visit to relatives in Israel. He discovered that NotPetya will not run on a computer it had previously taken over. In order to determine whether it already ran on a certain machine, the virus stores a file at a specific location and uses it as a marker.
By creating the file that NotPetya looks for before taking over a computer, Serper found a way to trick the virus into terminating itself before it could lock up any files on the targeted computer.
Serper explained his workaround in detail during a press briefing on Wednesday, which is embedded below.
On Wednesday night, a wave of cyberattacks struck Israeli computer systems, notably in a number of hospitals, The Times of Israel reported.
The attacks were countered “immediately” and there was no reported damage, Israel’s National Cyber Authority said.
The cyberattacks took place as Israel hosts a national Cyber Week conference in Tel Aviv. Officials who spoke at the conference warned that hackers are gaining the upper hand.
Earlier this week, Shin Bet chief Nadav Argaman told the conference that Israel has been successful in countering online threats, but cautioned, “In light of the deceptive characteristics of cybersecurity, it would appropriate for us to remain modest and cautious concerning our ability to receive a hermetic picture of what is happening in this area.”
[Photo: CNN / YouTube ]