Private, secure, free access to worldwide content in 10x lightning speed with iTop VPN  in one click. Get it Now
Vidnoz AI creates engaging videos with realistic AI avatars. Free, fast and easy-to-use. Try for Free >

Expert in

PC Health Solution

Home > Press > Knowledge

How to Protect Yourself from Petya/GoldenEye Ransomware

Recently, a new strain of ransomware attack broke out. Many organizations in Europe and the US have been crippled by the new ransomware called Petya/GoldenEye. It spreads rapidly across the world and is expanding the infection. Here's what you need to know about Petya/GoldenEye and how to prevent the attack:

What Is Petya/GoldenEye?

Similar to WannaCry, Petya uses the Eternal Blue exploit to infect Windows devices, especially older Windows systems. Not like WannaCry which encrypts the files one by one, Petya is much more dangerous that can damage the whole hard drive, even stop you entering your system. 

How Does Petya Attack Work?

While Petya is trying to infect a computer, Blue Screen of Death can be a signal, then the system will reboot by force to finish the encryption. This can be ignored easily as the process looks like Windows scanning and repairing the system itself. Once the reboot finished, the computer is encrypted and a note will pop up to alert the user to pay the ransom. 

Petya/GoldenEye Ransomware Lock Screen

How to Prevent Petya/GoldenEye Attacks?

Ransomware attack can be a real disaster as it threatens your important files and money. So you need to keep alert to any suspicious activity on your computer. Once you get this popup below, you should shut down your PC immediately in case of infecting Petya.

Petya/GoldenEye: Windows shut down alert

Here you are the tips to prevent Petya/GoldenEye:

1. Fix System Vulnerability

System vulnerability is always the target of ransomware. It's crucial to keep your system up-to-date. Or you can go to Microsoft Official Site to download the latest patches for your older version Windows.

2. Disable WMI service

WMI runs automatically at system startup under the LocalSystem account. The service can be used by Petya to spread the ransomware. 

Follow the steps to stop WMI service

Note: If WMI service is not running, you cannot manage, monitor, or retrieve information about the resources on the computer, especially remotely. Besides, you probably can't use Action Center on Windows 10 and Windows 8 without WMI service.

3. Create a Stronger Password for Your System

A strong password can help you improve the security of your system by preventing malicious programs from accessing your system easily. For example, you can mix the password with capitalized letters, symbols and numbers.

4. Close the service of SMBv1

SMBv1 is a very old deprecated network protocol and might be attacked by Petya ransomware. You can probably disable it to prevent the attack. But there's a potential impact that file and print sharing won't work anymore on a local area network. 

Follow the steps to stop SMBv1

Don't want to disable SMBv1? Here are the tips for you:

Only use protected networks and do NOT share important files over SMBv1 connections                                                                                                                       Block inbound/outbound SMB traffic at your border firewalls                                                                                                                                                                   Restrict SMB to only localhost (your own computers) via local host firewalls

5. Install PC Protection Program on Your Computer

The most effortless but effective way to block ransomware is making good use of a system security tool which offers anti-ransomware engine and real-time protection. IObit Malware Fighter 5 is one good choice for you to detect ransomware threats in real-time and protect the computer against Petya attack. 

IObit Malware Fighter 5 detected & blocked Petya/GoldenEye

Get total protection to proactively prevent ransomware attacks like Petya/GoldenEye:

Free Download From Cnet   Upgrade to Pro Now

6. Secure Hard Disk MBR

Hard Disk MBR can be easily tampered and encrypted by ransomware like Petya/GoldenEye. Most of Windows devices infected Petya/GoldenEye because of its vulnerability. IObit MBR Guard is a simple filler for disk, it can protect MBR from malicious tampering and encrypting.

7. Backup Your Important Files

To avoid losing your important files, especially encrypted by Ransomware, it's better for you to develop the good habit to make a back-up regularly and properly. 

IObit uses cookies to improve content and ensure you get the best experience on our website.
Continue to browse our website agreeing to our privacy policy.

I Accept