Blog Archives

‘Petya’ CIA-Sponsored Virus and Ransomware (with 1EarthUnited)

LADA’S OVERVIEW

The author of the article below contends that the ‘Petya virus is a state-sponsored attack on Ukraine.’ However, a number of European countries have been affected too. What’s more, some large Russian companies were affected as well.

I think you’ll orient yourself better in what the latest Petya virus and its counterpart NotPetya mean if I explain what’s in the name. “Petya” is diminutive for Piotr, or Petro, if you wanted to say it with a Ukrainian accent — as in Petro Poroshenko. Someone with a wicked sense of humor named this new malicious, ransom-demanding wiper malware after the Ukrainian president. In the end, even when victims do pay up, the computer still fails to reboot, making it a total loss. Knowing Poroshenko, very close to the truth, I’d say.

A new joke in Russia is that the virus’s name is Petya, while the anti-virus is called Vladimir Vladimirovich (Putin’s name). 

In conclusion, my personal opinion is that there is much more going on here than meets the eye. It is a promo for a specific new 4th Dimension MEGA-project by the global elites, bankers and related organizations.

What is it? I’ll discuss what I mean and make some bold predictions in the upcoming

EARTH SHIFT WEBINAR 3: THE FUTURE OF MONEY!


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

You can brush up on technical details of what the hoo-ha is all about below. Thanks to 1EarthUnited for the material!

Hacker News: Petya Ransomware “Wiper malware” is a state-sponsored attack on Ukraine?


What if I told you that Tuesday’s devastating global malware outbreak was not due to any ransomware infection?

Yes, the Petya ransomware attack, which began infecting computers in several countries, including Russia, Ukraine, France, India and the United States, on Tuesday and demands a $300 ransom, was not designed with the intention of restoring the computers at all.

According to a new analysis, the virus was designed to look like ransomware but was wiper malware that wipes computers outright, destroying all records from the targeted systems.

Comae Technologies founder Matt Suiche, who looked closely at the operation of the malware, said that after analyzing the virus, known as Petya, his team found that it was “wiper malware,” not ransomware.

Security experts even believe the real attack has been disguised to divert the world’s attention from a state-sponsored attack on Ukraine to a malware outbreak.

“We believe the ransomware was, in fact, a lure to control the media narrative, especially after the WannaCry incident, to attract the attention on some mysterious hacker group rather than a national state attacker,” Suiche writes.

Is Petya Ransomware Faulty or Over-Smart?

Petya is a nasty piece of malware that, unlike other traditional ransomware, does not encrypt files on a targeted system one by one.

Instead, Petya reboots victims’ computers, encrypts the hard drive’s master file table (MFT) and renders the master boot record (MBR) inoperable, restricting access to the full system by seizing information about file names, sizes, and location on the physical disk.

Then the Petya ransomware takes an encrypted copy of the MBR and replaces it with its own malicious code that displays a ransom note, leaving computers unable to boot.


However, this new variant of Petya does not keep a copy of the replaced MBR, mistakenly or purposely, leaving infected computers unbootable even if victims get the decryption keys.
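Because the replaced MBR is not preserved by the malware, an offline backup of sector 0 is the only reference a responder has. The following is an added example, not part of the original article: it parses a saved 512-byte MBR and reports how a later copy of the sector differs from it. It assumes the classic MBR layout (not GPT); the sample sectors are constructed and the function names are hypothetical.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446      # bytes 0..445 hold the bootstrap code
PART_TABLE_OFF = 446     # four 16-byte partition entries follow
SIGNATURE_OFF = 510      # last two bytes must be 55 AA
# status, CHS start (skipped), type, CHS end (skipped), LBA start, sector count
ENTRY_FMT = "<B3xB3xII"


def parse_mbr(sector: bytes) -> dict:
    """Split one MBR sector into boot-code hash, partition list and signature flag."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    partitions = []
    for i in range(4):
        start = PART_TABLE_OFF + 16 * i
        status, ptype, lba_start, sectors = struct.unpack(
            ENTRY_FMT, sector[start:start + 16])
        if ptype != 0:  # type 0x00 marks an unused slot
            partitions.append({"index": i, "bootable": status == 0x80,
                               "type": ptype, "lba_start": lba_start,
                               "sectors": sectors})
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
        "valid_signature": sector[SIGNATURE_OFF:] == b"\x55\xaa",
    }


def compare_to_baseline(baseline: bytes, current: bytes) -> list:
    """Return findings describing how `current` differs from the saved `baseline`."""
    base, cur = parse_mbr(baseline), parse_mbr(current)
    findings = []
    if not cur["valid_signature"]:
        findings.append("boot signature 55AA missing")
    if cur["boot_code_sha256"] != base["boot_code_sha256"]:
        findings.append("bootstrap code changed")
    if cur["partitions"] != base["partitions"]:
        findings.append("partition table changed")
    return findings


def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed test sector: the given boot code plus one bootable NTFS partition."""
    entry = struct.pack(ENTRY_FMT, 0x80, 0x07, 2048, 204800)
    table = entry + bytes(48)  # remaining three slots unused
    return boot_code.ljust(BOOT_CODE_LEN, b"\x00") + table + b"\x55\xaa"


# Constructed samples: a saved backup, a sector whose boot code was swapped
# while the partition table was left alone, and a fully zeroed sector.
BASELINE = build_sample_mbr(b"CONSTRUCTED-ORIGINAL-BOOT-CODE")
REPLACED = build_sample_mbr(b"CONSTRUCTED-REPLACED-BOOT-CODE")
ZEROED = bytes(SECTOR_SIZE)

if __name__ == "__main__":
    for name, sector in (("baseline", BASELINE), ("replaced", REPLACED),
                         ("zeroed", ZEROED)):
        print(name, compare_to_baseline(BASELINE, sector) or "no change")
```

On a live system the two inputs would be the stored backup and the first 512 bytes read from the disk image under examination.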

Also, after infecting one machine, the Petya ransomware scans the local network and quickly infects all other machines (even fully-patched) on the same network, using the EternalBlue SMB exploit and the WMIC and PSEXEC tools.

Don’t Pay Ransom; You Wouldn’t Get Your Files Back

So far, nearly 45 victims have already paid a total of $10,500 in Bitcoin in the hope of getting their locked files back, but unfortunately, they will not.

Meaning, even if victims do pay the ransom, they will never recover their files. Kaspersky researchers also said the same.

“Our analysis indicates there is little hope for victims to recover their data. We have analyzed the high-level code of the encryption routine, and we have figured out that after disk encryption, the threat actor could not decrypt victims’ disks,” the security firm said.

“To decrypt a victim’s disk threat actors need the installation ID. In previous versions of ‘similar’ ransomware like Petya/Mischa/GoldenEye this installation ID contained the information necessary for key recovery.”

If the researcher’s claim is correct that the new variant of Petya is destructive malware designed to shut down and disrupt services around the world, the malware has successfully done its job.

This is still speculation, but the virus primarily and massively targeted multiple entities in Ukraine, including the country’s local metro, Kiev’s Boryspil airport, electricity supplier, the central bank, and the state telecom.

Other countries infected by the Petya virus included Russia, France, Spain, India, China, the United States, Brazil, Chile, Argentina, Turkey and South Korea.

How Did Petya get into the Computers in the First Place?

According to research conducted by Talos Intelligence, the little-known Ukrainian firm MeDoc is likely the primary source of yesterday’s global ransomware outbreak.

Researchers said the virus has possibly been spread through a malicious software update to a Ukrainian tax accounting system called MeDoc, though MeDoc has denied the allegations in a lengthy Facebook post.

“At the time of updating the program, the system could not be infected with the virus directly from the update file,” a translated version of the MeDoc post reads. “We can argue that users of the MEDoc system can not infect their PC with viruses at the time of updating the program.”

However, several security researchers and even Microsoft agreed with Talos’s finding, saying MeDoc was breached and the virus was spread via updates.

 

Hacker News: Original Author of Petya Ransomware is Back & He Wants to Help NotPetya Victims


The author of the original Petya ransomware is back.

After a long 6 months of silence, the author of the now-infamous Petya ransomware appeared on Twitter today to help victims unlock their files encrypted by a new version of Petya, also known as NotPetya.

“We’re back having a look in NotPetya,” tweeted Janus, a name the Petya creator previously chose for himself from a James Bond villain. “Maybe it’s crackable with our privkey. Please upload the first 1MB of an infected device, that would help.”

This statement by the Petya author suggests he may have held on to a master decryption key which, if it worked for files infected by the new variant of Petya, would allow victims to decrypt their files locked in the recent cyber outcry.

Janus sold Petya as Ransomware-as-a-Service (RaaS) to other hackers in March 2016, and like any regular ransomware, the original Petya was designed to lock a victim’s computer and then return it when a ransom is paid. This means anyone could launch the Petya ransomware attack with just the click of a button, encrypt anyone’s system and demand a ransom to unlock it. If the victim pays, Janus gets a cut of the payment. But in December, he went silent.

However, on Tuesday, computer systems of the nation’s critical infrastructure and corporates in Ukraine and 64 other countries were struck by a global cyber attack, which was similar to the WannaCry outbreak that crippled tens of thousands of systems worldwide.

Initially, a new variant of Petya ransomware, NotPetya, was blamed for infecting systems worldwide, but later, the NotPetya story took an interesting turn.

Yesterday, researchers found that NotPetya is not ransomware; rather, it is wiper malware that wipes systems outright, destroying all records from the targeted systems.

NotPetya also uses the NSA’s leaked Windows hacking exploits EternalBlue and EternalRomance to rapidly spread within the network, and the WMIC and PSEXEC tools to remotely execute malware on the machines.

Experts even believe the real attack has been disguised to divert the world’s attention from a state-sponsored attack to a malware outbreak.

The source code to Petya has never been leaked, but some researchers are still trying hard to reverse engineer it to find possible solutions.

 

Tuesday’s cyber outbreak is believed to be bigger than WannaCry, causing disaster to many critical infrastructures, including bricking computers at a Ukrainian power company, several banks in Ukraine, and the country’s Kyiv Boryspil International Airport.

NotPetya also canceled surgeries at two Pittsburgh-area hospitals, hit computers at the pharmaceutical company Merck and the law firm DLA Piper, and infected computers at the Dutch shipping company A.P. Moller-Maersk, which was forced to shut down some container terminals in seaports from Los Angeles to Mumbai.

SOURCE: 1EARTHUNITED BLOG

 


Declaration of Cold War: What Chain of Events is US Provoking With New Hostile Move?

War drums are beating. The US is trying AGAIN to tip the world into the war mode.

The US House of Representatives voted almost unanimously (411 for, 10 against, 13 abstained) to condemn Russia for ‘aggression in Ukraine(?), Moldova(?) and Georgia(?).’ It also voted to create a more aggressive propaganda machine in Russian and Ukrainian, and to SEND AMERICAN WEAPONS TO UKRAINE. In addition, the resolution calls for the reinforcement of NATO and for the sale of US GAS TO EUROPE TO REPLACE RUSSIAN GAS. Link to RT video report.

I wonder who and when will finally vote to condemn the REAL aggressions of the USA against Iraq, Libya, Afghanistan, Serbia, present US aggression and financing of the illegal coup in Ukraine, and so many other aggressions all over the world? Who will condemn USA for spying on the entire world? What about the continued US and NATO aggression and intimidation campaign against Russia? What about color revolutions US sponsors all over the world?

Do you feel a sense of deja vu by any chance? I do. Remember how many times I warned of exactly these things. I said that these are the main purposes for the US ‘subversion of Ukraine’ (the fact that US invested only officially $5bln into ‘subverting Ukraine’ was publicly admitted by the US State Dept’s Victoria Nuland in December 2013).

I said this at various times:

1. Conflict in Ukraine is used to weaken Russia and EU at the same time.

2. Ukraine conflict is used to drive a wedge between Russia and EU, and at the same time, between Russia and Ukraine.

3. Ukraine to Anglo-American elites is loose change and cannon fodder to be thrown out as a used-up lemon. For Russia, Ukraine is their brothers and part of the Russian world to be respected and lived in peace with.

4. The continuing escalation of a conflict is necessary to paint Russia and Putin as aggressors, when the actual aggressor is US, with the kind help of Brussels, Germany, Poland and Lithuania. This is the same methodology used to perfection by the UK/US/France in the past to escalate Hitler’s aggression and to pit Germany and Russia (in the 20th Century, the two biggest rivals of the Anglo-American empire) in two past World Wars. Using proxies to fight their wars is the best Anglo-American achievement from hell.

5. US is itching to sell its own, more expensive gas to Europe, taking this market away from Russia.

For that purpose, McCain went to Bulgaria and other EU countries. THE VERY NEXT DAY after McCain’s and two other senators’ visit, Bulgaria announced that it was withdrawing from South Stream. Annual losses from such withdrawal for Bulgaria constitute $400-600 million + $150 million in losses from the switch of the Russian gas transit to Turkey to the new Black Sea pipeline. Altogether, up to $750 million per year in losses. What makes leaders of a country do something that is clearly bad for the country’s economy? Only arm-twisting can do that, and/or a bribe.

McCain’s arm-twisting worked well on the sold-out neocon-infested Bulgarian government. It didn’t work on Hungary (which because of that is now threatened with a color revolution), nor Austria. Austria’s President reportedly retorted that he didn’t tell US what to do, so he would appreciate it if US didn’t tell him who to conduct business with.

Still, subverting Bulgaria was enough – South Stream has ground to a screeching halt.

Notice that the US Congress cold war resurrection resolution (sounds like The Lord of the Rings – the dark powers on the rise)  appeared right after the noteworthy events I described in my previous article: German Vice Chancellor: No Ukraine in NATO; Russia, Let’s Make Up!

Below is a brief summary of the events I described in the above piece, plus analysis of the underlying geopolitical games and return moves by the US.

1. Europe has started looking for ways to make up with Russia and get EU-Russia relations back to normal. Additionally, Germany let it be known that they would not approve Ukraine in NATO, which is what US has been pushing for.

All the above is a big problem for the US hegemony. US needs to prevent this from happening. The only way of influencing the EU in these circumstances is to escalate the stand-off between Russia and the West, so EU has no choice but to take an anti-Russian position.

Last time they used the Malaysia Boeing downing in Ukraine to push reluctant EU towards a new round of anti-Russian sanctions. How about provoking Russia via arms supply to the Kiev junta this time, making Russia act to protect Donbass?

2. Russia announced the closure of the South Stream project.

No doubt US has rejoiced. US was the driving force behind the sabotage of the South Stream, projected to deliver gas directly to southern and central Europe. This route would bypass the unstable Ukraine, making the supply more secure and cheaper for many countries. The winners of this scenario would have been: Austria, Hungary, Italy, Greece, Bulgaria, Serbia, Slovenia, Russia – and the entire EU economy. Losers from South Stream would have been: Ukraine and US. Now do your math: WHO BENEFITS AND WHO LOSES FROM THE CLOSURE OF SOUTH STREAM!

The US had been long pushing to sell their own shale gas to the EU, however expensive and inconvenient this may be.

Note, the US shale gas issue is a big problem in the US itself. It has been proven that this barbaric method of extraction causes untold damage to the environment, causing irreversible water damage, making potable water and soils unusable, and creating tremors and quakes. I have lived in Upstate NY, which is sitting on large shale gas deposits, and it is an ongoing struggle for the residents there to keep the shale gas vultures out of their state. Recently, the birthplace of shale gas in Texas has moved to ban this harmful practice.

Shale gas industry was touted in the US as a way out of the systemic crisis of the US economy. However, it’s not working so well. Due to low gas prices, most shale gas wells had to be capped as high cost of production made them unprofitable. To make shale gas worthwhile, US desperately needs a huge new market such as EU. To gain the EU market, US first needs to squeeze Russia out of it.

Now, isn’t it clear that US needs to do the following things:

1. Weaken EU, break EU’s will, subdue European countries – and make them buy more expensive gas contrary to EU’s interests.

2. Weaken Russian economy, vilify and discredit Putin, isolate and vilify Russia, so Russia can’t continue working with the EU, so consequently EU would be forced to buy expensive US gas, forsaking a much better deal it has with Russia presently.

3. Destabilize and destroy Ukraine, making it into a massive festering wound for both Russia and EU to deal with. Destabilization of Ukraine sabotages Russian gas supplies to the EU. In addition, the spinning of Ukraine as victim of the big, bad Russia also serves to create divisions and alienation on European continent.  This is a complete repeat of the Georgia 2008 scenario. See my predictions that came true: Striking geopolitical similarities: Sochi2014-Ukraine and #Beijing2008-Georgian war.

All the above US needs to do in order to make its grand plan of getting out of the crisis happen.

What is very important to understand is this: by making EU buy US shale gas, US not only solves its economic problems, but it also binds EU to itself irreversibly.

Once Russia has reoriented towards other markets, it will be hard to impossible to convince her to turn back. Russia is the historic and karmic global balancer. Hence, Russia’s re-orientations usually are precursors to big global changes to come. It is entirely in the interests of the EU to get closer to Russia, and that includes UK as well, although UK can serve as a bridge between US and new Europe. But it is entirely against the interests of the present-day US empire for any of that to happen. Living in peace and cooperation with the rest of the world is certainly in the best interests of the population of the USA.

Ideally, the US and those who still want to execute the US ‘full spectrum dominance’ global hegemony plans, want to convert the entire world into its vassals. I can tell you this will never happen, and perhaps those who formulate the insane US policies already get it on some level. At this time it appears the US is trying to inflict as much damage as possible on as many countries as possible as its plan B. And you know what, they are partially succeeding!

What we are observing is a war between the wounded, but very dangerous beast and the rest of the world.

Unfortunately, too many try to pretend this war doesn’t concern them. Some think they can remain on the beast’s side until tide changes and they can switch to the other side safely. It’s so much easier to have someone else fight your battles, incur hardship and losses, while you just arrive in the end and collect the trophies. This sounds like Romania, which first entered WWII on the side of the fascist Germany, occupying my city of Odessa, which was promised to Romania by Germany as one of the spoils of war. But when Germany started losing, Romania switched to the other side. And it sounds like US, who during the same WWII let the USSR bleed and fight until it became clear in 1944 that the USSR was winning, and that’s when US finally entered the war to collect their trophies.


Russian Vityaz’ – bogatyr’ (bogatyr’ means knight, protector; vityaz’ was a highly evolved master protector, whose powers were borderline mystical)

Yes, there are very few heroes. But Russia has no choice. Whether Russians want it or not, they are destined to always fight that dangerous beast that threatens to devour all. Russia’s is the hardest place to be. It is the hardest role to preserve balance in this crazy, unbalanced world. Allies are hard to come by, as usual. Few want to risk their lives and well-being to confront the beast; fewer still, have wisdom and foresight to do so successfully. Hiding out seems so much safer.


I mentioned Tolkien’s The Lord of the Rings for a reason. Tolkien, like Edgar Cayce before him, like other visionaries, such as Anastasia of Siberia (The Ringing Cedars) and Bulgarian Baba Vanga – and like yours truly – have been hinting at the same thing. The White City in The Lord of the Rings is written after Moscow (known historically as the White Stone City) and the ancient city of Great Novgorod. I write about that in Forbidden History: Are Scandinavians Slavs? The Return of the King refers to the return of Russia. You can find some of my predictions about Russia and the historic and karmic role of various parts of the world in Predictions.

Putin’s Move and Profitable Russia-Turkey Alliance

Instead of the cancelled South Stream, Russia and Turkey announced the construction of the new arm of the Blue Stream. Turkey is to become the Russian gas distribution hub for further sales to Europe, or to any other market. Russia is also to build a new energy system for Turkey. The new system will allow for a more flexible gas distribution by sea or pipeline, depending on demand.

It’s interesting how secret the Putin/Erdogan agreements were kept until the last moment.

It has to be noted that the new agreement between Putin and Erdogan was only possible after Putin created a new paradigm with the Caspian Sea powers, including Iran, and notably, Azerbaijan. This is also connected with SCO advancements and Eurasian Union (EAU). Turkey is very interested in being admitted into SCO and EAU. I can predict that at least the SCO announcement will come out soon. These events happened very quietly and went unnoticed in the West; and actually, Russia likes that. The quieter, the better. In reality, these events are very important. I spoke about them briefly before, and I will discuss them in more detail in one of my upcoming interviews next year.

Azerbaijan is an interesting factor here, as well as Syria, Iran and Gagauzia (autonomy within Moldova). All these are connected with Russia and each other via invisible but meaningful links.

Incidentally, I have some interesting interviews coming up next week and in January 2015. Stay tuned!

After everything that happened, it would be naive to think US wouldn’t make return moves. It is more difficult to understand why so many seemingly intelligent people in the EU and US allow themselves to be duped and manipulated time after time by thugs in the US Congress, Pentagon, White House, and by the shadow puppet masters.

The problem for Russia is this: the moment US starts making any threatening moves, all EU’s good intentions evaporate and they dutifully fall in line. They forget their own good and profit, their own reasoning as to how important the relations with Russia are, and start again playing a role of the US lap dog – or US vicious pit bull.

This is the chain of events the US is trying to provoke with this new hostile move:

US sends its weapons to the Ukraine junta. Kiev uses these more advanced and deadly weapons against civilians in Donbass. Russia has no choice but to match that to protect Donbass from complete annihilation. US and EU start yelling that Russia interferes in Ukraine.

Then US pressures EU into adopting a new round of sanctions, contrary to EU’s own interests. These sanctions will be equally damaging to both Russia and EU. The winner is US.

Next, relations between Russia and EU hit a new low as Russia has no choice but to reciprocate. US gets to twist the arm of the weakened EU even more efficiently. US can now sell its shale gas to the EU and no one makes a peep.

EU becomes fully dependent and therefore, subservient to the US. Will US continue escalating, while Russia has no choice but to adopt further protective measures? The trust between Russia and EU is gone. After EU business is forced to leave Russia having been squeezed out by the US/EU sanctions, there will be even less opposition to the US policy in the EU and fewer forces left to protest against it.

Repeat of WWI and WWII. The next step is, yet again, to pit Central and Western Europe against Russia.

Now, people, ask yourselves – how many of you want this kind of outcome? I can tell you that it would be the last war. This human civilization will not get another chance. I wrote about that in my mystical thriller THE EARTH SHIFTER.

I rest my case.

 Important announcement!

I wrote last time about the upcoming THE PUTIN ENIGMA Earth Shift Report. I am still working on it and it will come out in due time. There are so many ideas I need to reconcile/transfer into 3D language and reality for it to materialize. So, please be patient.

But I have great news! I will be releasing another Earth Shift Report soon, based on the hot and timely news that are hitting the wires! I am sure you will find this report extremely fascinating and eye-opening.

Are we in fact moving out of the physical and crude 3D warfare?

The new name of the game is…

EARTH SHIFT REPORT

Wars of the Future Past or What is 4D Warfare:

(Rocket Failures, MK Ultra, Cyber Spying, NSA, Stuxnet, Regin, more…)

This report will be available on LadaRay.info. It will be announced on this blog.

This report will be available to my readers for a donation – to be announced.

As a thank you to my supporters, this report will be free for those who have donated $50 or more, or for those who subscribed for a monthly donation – I will provide an email where you will be able to request your report.

You can always help us out by donating here: Support Lada’s work

Thank you for your support!
