Whoever wrote this version is not only a horrible criminal for grifting the innocent with malicious ransomware, but also for removing the badass flashing skull the original displayed.
it was probably because of epilepsy reasons and stuff, idk. it is still a malicious virus but i mean, if the person has a epileptic seizure then there will be no one to pay them
Hello you have are currently dieing computer currently. To fix your die computer that is die, please, go, donate 290$ dollar worthof Bitchcoin. Your file will be deletes in 30 an hour.
I somehow got infected with some sort of ransomware that was completely silent. It did not overwrite my MBR or MFT. It happened 8/26/18 and I finally noticed it sometime in December when I went to look for a picture. Thing is, I had done a full backup on 8/25 so I think I lost about four files total when I just wiped the machine entirely and reinstalled. To this day, I do not know which ransomware it was.
@@LiEnby Secure boot is trash, when it's an ransomware it will encrypt some files that makes the windows boot so it will be forced to boot into petya, and your files are gonna be encrypted anyways
I've been watching your videos like crazy lately. I am shocked I'm hooked because I have had bad computer viruses, Trojans, and worms in the past when I was obsessed with Sims 2 and would download CC, later not realizing some sites were not good. (I was younger at the time). I got the worst payloads but what utimately happened was a got a virus that made bugs (like real bugs) crawl on the screen, all items were unusable, and then it wiped the computer. I have been kinda anxious with technology since. I used to be a CS major also (after my virus days lol) and I enjoy watching you alter the codes. Makes me wanna code again, been so long since I have tho. 😬
I know this is not How it works, but I would love to see the reaction of the cyber criminals: "HA! Got another one, Yuri! This PC has...some pictures of what looks like a photocopy of a butt. What the Hell?!"
Was that Enola Gay in bleeps at the end there? Love it. Question for any kind souls, what the hell do I do with a Vista PC that hasn't been maintained/updated in years? I've just inherited it and been tasked with retrieving as much data as possible, but my grandparents didn't even have antivirus and I know they fell for at least one phishing email. Any tips on how to make sure a Vista system's clean much appreciated.
I thought NotPetya was considered a type of Wiper malware? NotPetya wipes the BIOS similar to CIH because they don't encrypt the files, they corrupt them and it isn't possible to get your files back? ((Even if you did, the files would still be corrupted?))
Hey danooct1, do you know if it can only spread within the same L2 domain, or is it posibble for it to attack other computers on other networks? And do you know how it finds the other devices, does it just send out an ARP request to find as many devices on the network as possible and then attempt to infect said devices? Thanks in advance!
danooct1 Please show the video about petya ransomware in EFI VM, with Windows 10 inside it. I don't know are Petya can encrypt hard drive connected to UEFI computer. Because my computer is a UEFI computer. I don't know are my UEFI computer is safe.
Could this possibly be passed on through hamachi, because I use it a lot and I would hate to get this, and even worse, spread it to my friends, and them to theirs
So, just a question if anyone in this comment section knows: This started in San Francisco, correct? It shouldn't be able to spread too far, because of networks that stop it and computers that block it. If that's true tell me, cuz im no scientist and i kinda like knowing my safety.
Funnily enough, the bitcoin address mentioned doesn't appear when you type it into a block explorer. I tried blockchain.info. Can somebody try to find how many bitcoins this virus maker actually got?
By the looks of it, Petya/NotPetya specifically targeted big companies and businesses, although I'm sure some individual PCs got infected in the process.
danooct1 Please help me! I was playing a game and suddenly that my screen turns black and at the bottom right corner it says that Window 7 Build 7601 This Copy of Window isn't Genuine It happens after I downloaded Red Alert 2?
Actually I just remembered you can probably still get a free upgrade to win10 on microsoft website, I don't know for sure through and I don't know if your version not being genuine will stop that
I don't get why everyone's saying it were impossible to recover files because the e-mail adress got deleted. It is impossible, but even if the files weren't also corrupted, don't we all know you should never pay the ransom in hopes of getting out of it? Why should the developers give a shit if you get the key and your files or not, they're criminals anyway
Well that is also kinda the point of not paying the ransom, if nobody does, ransomware gets pointless. I was always told you had literally no guarantee of getting a key and you're only giving them a buisness if you do pay. But yeah, you have a point.
You also made a good point, if no one pays the ransom it becomes pointless. Which is why I applauded them for shutting down the email address so no one could pay it.
But the fact is, sometimes the ranson is worth paying if the data is important enough. Therefore, to make ransomware pointless you would have to render literally EVERY PIECE OF INFORMATION ON EARTH useless. Since this task is impossible, ransomware will keep existing.
clem5858 Yeah, true. There is although one simple solution that literally everyone can easily do: backups on an external drive. Would make ransomware completely useless and likely make it go 'extinct'.
Found a way to prevent file encryption by Petya extortionist Prevent execution of malicious code by creating a perfc file in the C: \ Windows folder. It does not allow you to disable the malware, as in the case of WannaCry, since each user must configure the correct file on his computer and thereby stop the spread of the infection. To do this, you must create a file "perfc" in the C: \ Windows folder that is read-only sorry for Google translate please check it
Truth is, this isn't much of ransomeware, it might seem like it at first glance, but it seems to be more of a destroy as much data as we can with this attempt (and it succeeded).
Honestly, If you were to everytime leave your computer. I would turn off my connection to my networks and shutdown, so if any of my family got the or a ransomeware I would be alerted ahead. Other than that I'm blank.
He is using a virtual machine, such as VMware or VirtualBox which basically emulate a computer, except they can be created and disposed. Danooct likely made 4 virtual machines and installed the virus on one of them to have it spread. They are not actual computers, but function identically to a real system. The purpose is mainly to avoid doing this on a real computer so he doesnt actually destroy his PC
so does that mean the files are no longer recoverable if they're corrupted instead of encrypted?! well they are no longer recoverable either way because the email was shutdown
Yeah, something tells me the people who write ransomware viruses aren't exactly concerned with customer service. What incentive do they have to help you once you are infected and already paid up?
no more epileptic flashing red lights and spoopy skull?
im disappointed.
dde dde same
dde dde meanwhile, someone that has epilepsy (I don't have epilepsy) is actually thrilled.
Yeah, I just WannaCry
Budget cuts.
Samuel Awachie HELLO! YOU WANT ME?
This is genuinely terrifying.
Not as much as the skull version though
Indeed
Whoever wrote this version is not only a horrible criminal for grifting the innocent with malicious ransomware, but also for removing the badass flashing skull the original displayed.
probably removed to prevent people having seizures
it was probably because of epilepsy reasons and stuff, idk. it is still a malicious virus but i mean, if the person has a epileptic seizure then there will be no one to pay them
@@creatorglitchlook I encrypted your files but atleast their not gonna potentially kill anyone
Viruses in 1998: Hihihihi lets have fun and play a game
Viruses in 2k17: Give money
oh no, it was worse back then, boo-live me.
MEMZ.
2k17: giv mone and yu will beh foine
Hello you have are currently dieing computer currently. To fix your die computer that is die, please, go, donate 290$ dollar worthof Bitchcoin. Your file will be deletes in 30 an hour.
@@TheDopeyElephant You can still recover from that with no data loss. The only ones that were worse were the ones which formatted the HDD.
trussive that’s it that’s the greatest thing i’ve ever read
Great demonstration. It must have taken some time to set all this up.
The PC Security Channel [TPSC] o hi dud im a big fan of ur stuff xd
Also fuck spelling
You should do a collab with danooct
I somehow got infected with some sort of ransomware that was completely silent. It did not overwrite my MBR or MFT. It happened 8/26/18 and I finally noticed it sometime in December when I went to look for a picture. Thing is, I had done a full backup on 8/25 so I think I lost about four files total when I just wiped the machine entirely and reinstalled. To this day, I do not know which ransomware it was.
It will not be encrypted if you have secure boot (will refuse to boot to notpetya) or if you are using GPT/EFI for your OS instead of MBR
@@LiEnby Secure boot is trash, when it's an ransomware it will encrypt some files that makes the windows boot so it will be forced to boot into petya, and your files are gonna be encrypted anyways
You just Ran-Some-Wares!
No
f
Call up Bill Wurtz.
*YOU JUST... RAN SOME WARES~!*
england is my city
Oh and I like that PC1 is the first to reboot and the last to have it's MFT encrypted.
"Ooops! Your files have been encrypted" ~ WannaCry and NotPetya 2017
WannaPetya or NotCry
if viruses were like shippable i would ship wannacry and petya so yay
If it's literally impossible to get your files back, then doesn't that sound like a classic computer virus in disguise as a modern piece of malware?
I think it is
"Please ensure your powercable is plugged in." Really?
KJP12 No ACPI = works live dumb button.
I've been watching your videos like crazy lately. I am shocked I'm hooked because I have had bad computer viruses, Trojans, and worms in the past when I was obsessed with Sims 2 and would download CC, later not realizing some sites were not good. (I was younger at the time). I got the worst payloads but what utimately happened was a got a virus that made bugs (like real bugs) crawl on the screen, all items were unusable, and then it wiped the computer. I have been kinda anxious with technology since. I used to be a CS major also (after my virus days lol) and I enjoy watching you alter the codes. Makes me wanna code again, been so long since I have tho. 😬
I was gonna ask, do you know what virus I am talking about?
i watch your videos before bed, your voice is so calming
Are there any viruses that don't harm the computer but instead inform about the danger of viruses?
Mr.Celery I've always wanted to make that...
they are called nematodes
Exotic Butters yeah I was also thinking something maybe like the memz virus but without harming your computer
Amy UNTOLD I don't necessarily mean to warn but one that doesn't harm anything and just erases itself
Just saying, malware derives from malicious software. But considering malicious probably derives from "mal," you're close enough, haha.
Your computer *might* be at risk.
What happens if you use FAT32 instead of NTFS? And what happens to unknown (from Windows' point of view) filesystem partitions (like ext)?
NotPetya...
Fake name to disguise virus,nice try m8s!
"notpetya"
SNEAK 100
Why am I still up? Great vid I loved it danooct1!
not as exciting as the last version, but we got 3 vids this week, so I can't complain too much.
@danooct1 Can you test is that placing empty "perfc" file in C\Windows\ is killswitch for this petya?
I know this is not How it works, but I would love to see the reaction of the cyber criminals:
"HA! Got another one, Yuri! This PC has...some pictures of what looks like a photocopy of a butt. What the Hell?!"
Viruses in 2004: Oh let’s put the computer in a restart loop!
Viruses in 2022: GIVE ME FUCKING MONEY
u r one of the top 5 youtubers in my opinions never quit!
Many years ago, I had a cat.
But in 2015 it just ransomware.
Looks safe to be used in a school!
3:23: Which song is this? Its sound familliar!
2:21 It knows it screwed up but still tryin' to hold on the cliff edge.
Thats so ransome!
No
Aurα вírdч ooo
Interesting. Was the 2016 variant of Petya/NotPetya made into the headlines? I don't recall.
Is this another piece of malware that escaped the NSA?
If it was from the NSA I imagine it wouldn't be so buggy. :-|
Uses exploits the NSA kept from Microsoft, which then got leaked publicly, and here's where we are now.
Fucking NSA
I find it funny that the NSA is all about security and then this shit happens with their tools.
The NSA isn't about security, it's surveillance.
What's that tune at the video end? :) Its from a known song, but I do know neighter its name nor the interpret...
Was it also released by the creators of Wannacrypt? (Because of the "Ooops")
I genuinely miss the flashing red skull (or yellow/green, depending on what version of Petya you're running). It looked cool.
Great video! But I have one question? The files in the different machines are shared?
Was that Enola Gay in bleeps at the end there? Love it.
Question for any kind souls, what the hell do I do with a Vista PC that hasn't been maintained/updated in years? I've just inherited it and been tasked with retrieving as much data as possible, but my grandparents didn't even have antivirus and I know they fell for at least one phishing email. Any tips on how to make sure a Vista system's clean much appreciated.
That chiptune Enola Gaye at the end was awesome! Did you make it yourself?
if i disable network discovery can i get infected by another computer?
How did you spread the ransomware to the vms but not ur pc?
His PC doesn’t run an outdated copy of Windows XP
So, now every new video will include the russian subs? Pretty interested.
I have stampa2,wannacry,petya and jigsaw ransom. Which one is strongest?
I love how at the beginning, the top left machine is saying it's at risk, but the other three are just bitching about the display resolution 😂
Love you Dan
Does Windows Firewall protect against this kind of spreading through network?
Don't we all WannaCry?
I wanna pet ya.
ILOVEYOU
It spreads... it definitely went spreading on a day like June the 12th...
I think it's funny, the people most likely to actually fall for it would have absolutely no idea what a bitcoin is.
Just stupid question, if my PC is turned off, and I got a petya file on my tablet, can the petya spread to my PC?
I thought NotPetya was considered a type of Wiper malware? NotPetya wipes the BIOS similar to CIH because they don't encrypt the files, they corrupt them and it isn't possible to get your files back? ((Even if you did, the files would still be corrupted?))
You deserve more subscribers.
Hey danooct1, do you know if it can only spread within the same L2 domain, or is it posibble for it to attack other computers on other networks? And do you know how it finds the other devices, does it just send out an ARP request to find as many devices on the network as possible and then attempt to infect said devices? Thanks in advance!
It uses same loophole with wcrypt, right?
danooct1 Please show the video about petya ransomware in EFI VM, with Windows 10 inside it. I don't know are Petya can encrypt hard drive connected to UEFI computer. Because my computer is a UEFI computer. I don't know are my UEFI computer is safe.
I think you’d still get the file encryption but not the HDD encryption(?)
Could this spread through a Tunngle LAN network?
How did you have 4 computers in your computer?
Could this possibly be passed on through hamachi, because I use it a lot and I would hate to get this, and even worse, spread it to my friends, and them to theirs
Which OS's are actually vulnerable to this?
is there a test file that you can download for free this new random ware virus?
When will the q and a come out?
hi!
please can you show us the malware Win32/Ramnit?
thank you
Where did u download your isos PLZ REPLY
So, just a question if anyone in this comment section knows:
This started in San Francisco, correct?
It shouldn't be able to spread too far, because of networks that stop it and computers that block it.
If that's true tell me, cuz im no scientist and i kinda like knowing my safety.
Damn Daniel, back at it again with a *ransomware*
Lol
How does this spread via LAN? Did you cover this or did I miss it?
NSA exploit and also tries to use same credentials as your pc to login to computers on a domain controller w psexec
Funnily enough, the bitcoin address mentioned doesn't appear when you type it into a block explorer. I tried blockchain.info. Can somebody try to find how many bitcoins this virus maker actually got?
Would you please tell me where do I can download the virus sample?
Скачать можно у разработчика, этого вируса! Надеюсь, эта информация, была полезная для вас? )))😎
Is this ransomware just impacting big companies or is it hitting individual PC users?
Hitting not impacting wtf where did that come from
By the looks of it, Petya/NotPetya specifically targeted big companies and businesses, although I'm sure some individual PCs got infected in the process.
Danooct1 It is Also Called PetrWrap. Hope This Helped!
Спасибо за видео! ^^
Watching this gives me anxiety
why its different than previous one ?
danooct1 Please help me!
I was playing a game and suddenly that my screen turns black and at the bottom right corner it says that
Window 7
Build 7601
This Copy of Window isn't Genuine
It happens after I downloaded Red Alert 2?
you bloody pirate
Pirate the game or Pirate the Window?
Both lol it's going to annoy you a lot from now on, either get a crack program or switch to linux
Actually I just remembered you can probably still get a free upgrade to win10 on microsoft website, I don't know for sure through and I don't know if your version not being genuine will stop that
SOVIETS AЯE IИVADIИG YOUЯ PC
> Did you know? The Spawn Mason launched Petya.
My school when that one kid plugs a usb into the server :
So glad my internets been shut off
ily dan
How many pcs did you destroy
Im starting to miss the old good trojans...
I don't get why everyone's saying it were impossible to recover files because the e-mail adress got deleted. It is impossible, but even if the files weren't also corrupted, don't we all know you should never pay the ransom in hopes of getting out of it? Why should the developers give a shit if you get the key and your files or not, they're criminals anyway
Well that is also kinda the point of not paying the ransom, if nobody does, ransomware gets pointless. I was always told you had literally no guarantee of getting a key and you're only giving them a buisness if you do pay. But yeah, you have a point.
You also made a good point, if no one pays the ransom it becomes pointless. Which is why I applauded them for shutting down the email address so no one could pay it.
But the fact is, sometimes the ranson is worth paying if the data is important enough. Therefore, to make ransomware pointless you would have to render literally EVERY PIECE OF INFORMATION ON EARTH useless. Since this task is impossible, ransomware will keep existing.
clem5858 Yeah, true. There is although one simple solution that literally everyone can easily do: backups on an external drive. Would make ransomware completely useless and likely make it go 'extinct'.
from what I know people still paying even that e-mail is dead...
very good... and when you think how many people still use XP..
Found a way to prevent file encryption by Petya extortionist
Prevent execution of malicious code by creating a perfc file in the C: \ Windows folder. It does not allow you to disable the malware, as in the case of WannaCry, since each user must configure the correct file on his computer and thereby stop the spread of the infection. To do this, you must create a file "perfc" in the C: \ Windows folder that is read-only
sorry for Google translate
please check it
so you are reviewing ransomware too? where is rogueamp? :(
Truth is, this isn't much of ransomeware, it might seem like it at first glance, but it seems to be more of a destroy as much data as we can with this attempt (and it succeeded).
What happens when (Not)Petra meets WannaCry?
Honestly, If you were to everytime leave your computer. I would turn off my connection to my networks and shutdown, so if any of my family got the or a ransomeware I would be alerted ahead.
Other than that I'm blank.
I would be much scared if this happens on my physical network...
I wonder how you could pay if all machines that runs windows get infected....
Exactly, that's why it seems to be more for destruction and not for actual profit.
How do you did this?
Can you give a more specific question?
Oooops! I am crying now.
Wait, how does he get all these PC's for the viruses?
He is using a virtual machine, such as VMware or VirtualBox which basically emulate a computer, except they can be created and disposed. Danooct likely made 4 virtual machines and installed the virus on one of them to have it spread. They are not actual computers, but function identically to a real system. The purpose is mainly to avoid doing this on a real computer so he doesnt actually destroy his PC
so does that mean the files are no longer recoverable if they're corrupted instead of encrypted?! well they are no longer recoverable either way because the email was shutdown
BrodieLOL789 As if they would give you a key to recover your files if you paid
Yeah, something tells me the people who write ransomware viruses aren't exactly concerned with customer service. What incentive do they have to help you once you are infected and already paid up?
"Your computer might be at risk"
"Hope you enjoyed seeing it spread"
Not to use in any context x)
What happends if you run 500 viruses on a machine?
It's Windows, what do you expect.
But classic viruses or something similar with a cool payload would be interesting, maybe not 500 of them though.
So how can i not get infected?
DonAcDum
Can I say that I liked that 8-bit Enola Gay?
Edit: I forgot I made this comment.
i remember why my laptop is not connect to the internet
It took me a while to realize that the ending tune was enola gay
They talked about this virus on the radio today :0
this is *wiper*
who made this malware ?
Møvìes Śceñes you think the guy who made it would just reveal himself?