Petyas authors got it right at the third attempt. The currently launched wave of this ransomware finally seems to have the proper Salsa20 algorithm to encrypt Master File Table and make disk inaccessible. We are not yet sure about the distribution method, but probability is that it is spam with a link leading to cloud storage. We advise to be extra vigilant for the high, high, vigilant for days it proven to be a common cover for the dropper. More information you can find in our previous articles about it can be found here.”]
Source: https://blog.malwarebytes.com/threat-analysis/2016/07/third-time-unlucky-improved-petya-is-out/

