Is ransomware still ransomware if its goal is fetish | Adult Movies Onlinepurely to destroy?

This is less if-a-tree-falls hypothetical and more sobering reality for the untold number of people across the globe whose computer systems have been infected with the NotPetya ransomware. That's because the latest digital scourge to cripple computer networks in 65 countries (and counting) doesn't fit the typical ransomware mold.

Instead of just encrypting users' files and holding those files ransom, NotPetya appears to do permanent damage to computer systems.

SEE ALSO: A new ransomware is sweeping the globe, but there's a vaccine

Security researcher Matt Suiche lays out the bad news in a blog post for cybersecurity firm Comae Technologies. He notes that while an earlier version of Petya, from which NotPetya gets its name, technically allowed for the decryption of files, NotPetya doesn't.

"2016 Petya modifies the disk in a way where it can actually revert its changes," writes Suiche. "Whereas, 2017 Petya does permanent and irreversible damages to the disk."

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!
Original image replaced with Mashable logoOriginal image has been replaced. Credit: Mashable

Suiche goes on to call NotPetya a "wiper," and explains the difference between a wiper and ransomware.

"The goal of a wiper is to destroy and damage," notes Suiche. "The goal of a ransomware is to make money. Different intent. Different motive. Different narrative. A ransomware has the ability to restore its modification such as [restoring the MBR like in the 2016 Petya, or decrypting files if the victim pays]—  a wiper would simply destroy and exclude possibilities of restoration."

So, if the motive for the malicious code is not profit via a Bitcoin ransom, what could it be? While at this point it's pure speculation, the growing consensus among a host of security experts is that the attack was not launched by cybercriminals in the traditional sense.

However, not everyone agrees with Suiche's findings. The (now famous) security researcher who discovered the WannaCry kill switch, Marcus Hutchins, takes issue with Suiche's claim that "the current version of Petya clearly got rewritten to be a wiper and not a[n] actual ransomware."

But even if the intent hadn't been to destroy, there's almost zero chance those affected by NotPetya could get their data back by paying the $300-worth-of-Bitcoin ransom for a decryption key. That's because the email used to coordinate ransom payments was disabled by the email service provider.

In other words, Suiche's findings reveal a bad situation to be even worse. And, if his discovery portends a new type of ransomware-disguised wipers, the news just went from worse to downright awful.

Featured Video For You
Step inside the secretive class that turns people into hackers

Topics Cybersecurity