Shortly after the attack was known, some security firms, such as Trend Micro, reported that the person responsible on this occasion had been a variant of ransomware Petya, a strain detected in late March 2016. However, later a report from Kaspersky Lab company suggested it was another type of ransomware that had never been detected, so this virus is also known as NotPetya. Now, the original ransomware author Petya, who is a person or group calling themselves Janus Cybercrime Solutions, has released the decryption key for all past versions of their malicious software. He did it through his Twitter account, where he posted a link to an encrypted and password protected file with the master key. Hasherezade, a researcher at security company Malwarebytes, managed to crack the file and shared its content, which was as follows:= “Here is our Privkey secp192k1: 38dd46801ce61883433048d6d8c6ab8be18654a2695b4723” We use the ECIES (with AES-256-ECB) scheme to encrypt the encryption password in the “Personal Code” which is encoded in BASE58. Kaspersky researcher Anton Ivanov was able to test the master key and confirmed that it is the server-side private key used during the encryption of previous Petya versions, so it can be used to develop decoders. Unfortunately, Janus Cybercrime Solutions is not the author of NotPetya, so the decryption key it provided can not be used to recover the contents affected by this malware. The creator of the new strain responsible for cyberattack last week has recently given signs of life, although far from offering a solution to the victims has asked for more money. Because the NotPetya payment system is out of order, the cybercriminal calls for $ 250,000 (100 Bitcoins) in exchange for handing over the key to free the infected computers. So, what do you think about this decryption key? Simply share your views and thoughts in the comment section below.
Δ