As you must already know, a massive cyber attack with Petya ransomware emerged yesterday, a month from notorious WannaCry attack. This isn’t the original Petya, but a modified sample, which is much more sophisticated. This piece of ransomware not only encrypts files, but also MFT, overwrites MBR and has custom bootloader, showing attackers’ message.
If you are already infected, it’s useless to send money to criminals: firstname.lastname@example.org has been blocked, so you can’t communicate with attackers and get the key.
But if your system is still clean, you can protect it from infecting with Petya. Before starting encryption process, Petya checks for ‘perfc‘ file in C:\Windows. If it finds this file, it finishes the job, and the system remains unencrypted. So all you need is to create this file. That’s it!