June 27, the world started to massively spread the virus that locks computers on Windows. In Ukraine, the, then spoke about her in Russia and then in other countries. The attackers blocked the work of computers, demanding ransom in bitcoins. This is the most ambitious cyber attack after the spread of the virus WannaCry in may 2017.

the Virus attacked Petya transport companies and shipping lines, Maersk and MSC. As 28.06.2017 line do not take buking for new containers in China.

the Ukraine
From infecting the affected computers of the Ukrainian government, various companies, banks and commercial firms. The attack began on the morning of 27 June with the defeat of the computers of the largest Ukrainian energy companies. About it around noon, reported the Ukrainian mass media with reference to sources in "Ukrenergo" and the energy company DTEK. This information was confirmed in "Kyivenergo". "Two hours ago, were forced to shut down all computers, the expected resolution for inclusion from the security service," said the company. A little later, the attack on the computers of Ukrainian government said in Facebook Deputy Prime Minister Pavlo Rozenko. Prime Minister of Ukraine Volodymyr Groysman said that the important systems "were not affected". The attack also affected the company "New mail", Borispol airport (do not operate the website and the schedule on the scoreboard), and Kiev metro (I do not work Bank terminals). In the state Bank Oschadbank initially denied information about the virus, but subsequently restricted clients access to some services. ATMs of the Bank and OTP Bank does not operate (mobile banking is not affected). The second largest Ukrainian Bank — PrivatBank — declares that escaped attack. The virus has also been the site of the Chernobyl nuclear power plant. At first it was reported that the technological systems of the station "operating normally", but then it turned out that the station staff switched to manual monitoring of radiation. Ukrainian Internet provider and mobile operator Kyivstar has warned customers about a possible disconnection of services.

In many regional companies in Ukraine ahead of schedule stopped work, computers disconnected from the network. Security considerations the servers are shut off and the Kiev mayor's office. With the challenges were also faced by the Ukrainian media. Computers "Ukrainian media holding", which includes major Ukrainian media — magazine and website "Korrespondent", the newspaper and the website "KP in Ukraine", — were blocked; the same situation was faced in the "Explorer" and "24 channel". The staff of the New channel have complained that some of their computers not working. the virus has spread to regional Ukrainian edition.

The speaker of the Ministry of internal Affairs of Ukraine Artem Shevchenko said that the cyber-police is trying to stop the spread of the virus, but no data on how he appeared, yet (the website of the MIA of Ukraine also does not work). The security Service of Ukraine believe that the attack is Russia.

the Russia and the rest of the world
Almost immediately after the virus reported in Ukraine, about the hacker attack on their servers, announced Russian state company "Rosneft". Not are computers in the "Bashneft" (subsidiary of "Rosneft"); doesn't open and the website of "Rosneft". What happened to the computers of state-owned companies, not officially reported, but probably we are talking about the same virus Petya. In Russia the virus has also suffered and metallurgical company Evraz and the Bank "home credit". Financial institution does not have a website, office work exclusively in consulting mode, no operations are carried out. Difficulties have arisen at the company Mondelez, which, in particular, produces chocolate Alpen Gold and Milka, as well as the manufacturer of animal feed Royal Canin. The Central Bank believes that the object of the attack were several Russian banks. br>
At the same time, the media learned that the virus has infected computers in many countries of Europe. So, in the UK I suffered from malefactors advertising company WPP, the Danish logistics giant Moller-Maersk, in the Netherlands — it is a subsidiary of arm. About the attacks also said the company in France, Spain, India and Lithuania, followed by the company in the United States.

Symantec has published recommendations on protecting your computer from infection by a virus-the extortioner Petya. For this we need to pretend that the computer is already infected. At the time of the attack Petya looks for the file C:Windowsperfc. If the file on the computer you already have the virus finishes the job without intrusion. To create such a file for protection from You can use normal Notepad. Moreover, different sources suggest to create either the perfc file (without extension), or perfc.dll. Experts also suggest to make the file read-only so that the virus can't modify it.

FireEye experts have suggested that the virus was initially spread by Ukrainian companies through the upgrade of accounting software M.E.Doc. The creators of the program claim that it is not, because the last update was sent on 22 June — five days before the attack.

The virus locks computers and encrypts the data that requires a transfer of $ 300 to the account in exchange for the decryption.
e-Mail address used by the ransomware is already locked, making the transfer of money is useless.