Common sense is the best protection against Petya: Don't open e-mails from people you don't know and don't click on any link that looks suspicious! When in doubt, delete, delete, delete.
Sandboxie actually can contain it successfully. It can't escape SBIE's robust containment whatsoever; I already tested it. But Shadow Defender is advisable to protect your PC system-wide or the volume/partition of your choice.
SBIE may be feasible to use in a home environment, but it's not practical to use in any production environment at work.
Maybe my statement was not clear. I meant to say office computers in companies/universities, not consumer PCs. On enterprise PCs: 1. employees of most industry/academia units are too lazy to be trained to use this kind of software on their office computers; 2. most enterprises have their established SRP/AppLocker policies enforced that only run whitelisted apps on employees' computers; 3. on work computers, employees are on LUA and basically don't have high enough user privileges to install any software/scripts, so their computers are already locked down and these malware could not really do any harm.
Actually, according to Invincea, more and more Sandboxie is reaching into companies. When a CEO says learn something, people, if they want their jobs, get unlazy. Also, based on the number of hacks, etc. on major companies and government agencies, they aren't doing that well in stopping malware.
Looks like someone has broken the Petya encryption http://www.bleepingcomputer.com/for...t-record-help-and-support-topic/#entry3976618
@stapp Thank you for sharing. Here's the direct link to the Password Generator and recovery article: http://www.bleepingcomputer.com/new...ion-defeated-and-password-generator-released/ I am always amazed to see the collaborative effort between security researchers for the good of everyone. There's leostone (https://twitter.com/leo_and_stone), who did the brilliant mathematical work, and Fabian Wosar, who we all know and respect, who created the tool to make it easier on the end users to capture and copy the correct bytes from the hard drive to make it something that ordinary users could accomplish. That kind of collaborative effort between security researchers puts a smile on my face, indeed. It's great to see many other security researchers as well giving some of their spare time to helping to stop many of these recent ransomware variants by trying to defeat the crypto, or by finding other weaknesses in implementation, then releasing decryption tools to help free these users from these criminal organizations.
A keygen for a ransomware key, that is pretty cool. Hail to the power of reversing. I did find this piece of malware to be pretty lame all in all and the fact that it has been completely reversed in such a short time confirms it. There are much nastier ones out there to worry about.