ExPetr/Petya/NotPetya is much worse than a ransomware, is a wiper

in #ransomware7 years ago (edited)

Matt Suiche from Comae Technologies concluded that Petya/ExPetr is a wiper and not a ransomware. Kaspersky Labs also concluded that the attack was designed for destruction rather than financially motivated. Both concluded that the attack is a wiper designed to appear to be a ransomware.

The personal installation key is  randomly generated by the ransomware and is plain random data. 

The attacker cannot extract any decryption from such random data. This means that even if the victim payed the attacker, he would not be able to recover any data. Kaspersky labs concluded that this only reinforces that the attack was not financially motivated but dedicated to the destruction of data.


The two links below are the original articles:

https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b

https://securelist.com/expetrpetyanotpetya-is-a-wiper-not-ransomware/78902/


#petya #bitcoin #virus #wannacry
7 years ago in #ransomware by
$0.00
    2 votes
    Reply 0

    Coin Marketplace

    STEEM 0.25
    TRX 0.20
    JST 0.036
    BTC 94745.85
    ETH 3468.48
    USDT 1.00
    SBD 3.48