The latest Petya ransomware attacks come with a twist; if the malware is not granted privileges to encrypt the Master File Table, it instead installs another strain of ransomware known as Mischa. The new version of the malware will run under the user s security credentials, researcher Lawrence Abrams said. The ransom must be paid in Bitcoin through a Tor payment site, he said; the ransom is 1.93 Bitcoin, or about $875 to recover the scrambled files. The latest strain of malware continues to spread in Germany to enterprise HR organizations via emails.
Source: https://threatpost.com/latest-petya-ransomware-strain-comes-with-a-failsafe-mischa/118072/