A Decryption Key is now available for the Original Petya Ransomware
The master key for the popular trouble making ransomware Petya has finally been released. This is not the latest Petya/ExPetr which created havoc in Ukraine and many parts of Europe in the last month. This master key allows the user to escape from the cruel hands of Petya and get back their encrypted files.
According to the researchers, this master key is made available on last Wednesday by the original creator of the Petya who goes by the proxy name Janus.
“Just like the authors of TeslaCrypt, the author of Petya has released his private key which allows all the victims to get their files back,” wrote Hasherezade, a security researcher at the MalwareBytes which is posted here.
The researchers at the Kaspersky Lab analyzed the master key and found that it can be used to unlock not just the Petya ransomware but also the early versions of the GoldenEye ransomware.
“They have published their Petya master key works for all versions including the GoldenEye,” tweeted Ivanov.
The GoldenEye ransomware was created by the makers of Petya in 2016. It was the fourth one made based on the Petya code. The compiled application was stolen this year and later modified by another malware creator.
The latest version of the malware is based on the pirated GoldenEye code which was believed to be used in last month’s wiper outbreak which was originated in the Ukraine. Unlike the previous versions, this latest version lacked the ability to decrypt the affected systems and was considered as the wiper malware. It goes by various names such as Not Petya, Eternal Petya, ExPetr, and sometimes Hasherezade, GoldenEye said.
Petya is crypto-malware that is known for targeting a victim’s Master Boot Record instead of files stored on the computer, network shares or backups that the computer may have access to. The ransomware has demanded around $400 in Bitcoin for the decryption key.