New ransomware installs in boot record, encrypts hard disk [Updated]
A new type of malware has been described, one that takes crypto-extortion to a new level. While most cryptographic ransomware variants are selective about what they encrypt—leaving the computer usable to make it easier for the victim to pay—this new entry targets the victim's entire startup drive, encrypting the master file table (MFT).
Called Petya, the new ransomware is just the latest ransomware deliberately tailored for victims within organizations with IT support instead of a broader audience. As BleepingComputer's Lawrence Abrams documented, Petya is currently being delivered via Dropbox links in e-mail messages targeting human resources departments at companies in Germany. The links are purported to be to an application to be installed by the HR employee.