The cyberattack infecting computers across the world on Tuesday was not ransomware and “not designed to make money,” research suggests.
After malicious software began locking user computers in Russia and Ukraine, then spreading throughout the world, experts initially believed it to be a reincarnation of the Petya ransomware.
However, as more details come to light, it appears the ransomware element – which like WannaCry last month asks users to pay $300 in Bitcoin to regain control – is, in fact, a front.
Analysts are now saying that this attack is a disk-wiping effort masquerading as a WannaCry-style ransomware to generate media hype.
“This is definitely not designed to make money. This is designed to spread fast and cause damage, with a plausibly deniable cover of ‘ransomware,’” a report by Medium researcher “the grugq” published on Wednesday determines.
A look at the Bitcoin wallet shown to victims appears to confirm this, the one address distributed in the attack having accumulated just under 4 BTC ($9,970) since Tuesday from 45 transactions.
In the countries first affected, meanwhile, blame is once again turning political, with Ukraine suggesting state-sponsored Russian hackers were behind the attack.