Ukrainian banks have been affected by a coordinated ransomware cyberattack that is targeting firms all around the world. The hit came just weeks afterWannaCry attack.
The Ukrainian central banks says that a number of banks in the country are “having difficulties with client services”, while media reports say that the Kiev metro system is not accepting card payments.
Russian oil producer Rosneft, Danish shipping company Maersk and British advertising agency WPP are among the other victims of the attack, which early reports suggest involves a variant of the ‘Petya’ ransomware.
The hit comes just weeks after the WannaCry attack, which affected more than 300,000 internet addresses worldwide, including government agencies, large corporations and banks.
Allan Liska from threat intelligence specialist Recorded Future says: “This appears to be a multi-pronged attack that started with a phishing campaign targeting infrastructure in the Ukraine.”
Liska says that the updated Petya may not be the only aspect of the attack, with reports that banking trojan Loki Bot may also be included in the payload, “which means this attack not only could make the victim’s machine inoperable, it could steal valuable information that an attacker can take advantage of during the confusion”.