NOT PETYA | Either Master Decryption Key Available Within Days Or Your Files Lost Forever

in #security, 7 years ago (edited)

Original Creator Of Petya Ransomware Steps In To Help Victims Unlock Their Computers.




Petya was originally launched in December 2015 by the Petya Ransomware Project. At the time of its release, Petya was unique among ransomware viruses because of its ability to overwrite the MBR (Master Boot Record) as a way to block access to your files and operating system. Then, in March of last year, the self-described ‘professional cybercriminals’ made Petya and other viruses available to the public through a Ransomware-as-a-Service (RaaS) platform. This was a suite of cyber attack tools that anyone could access for a fee to perform ransomware attacks, with the owners of the platform receiving a percentage of any ransom money paid to the user to decrypt locked files.

Petya and Mischa for All! The RaaS Boom Expands to Include the Petya/Mischa Combo | Cylance - 05/19/2017


Janus Secretary

Yesterday @JanusSecurity, a Twitter account linked to the original Petya ransomware, tweeted to say they're having a look at the new variant and that it may be 'crackable with our privkey'.


This gives hope to the many people who have fallen foul of these cyber criminals, and I would very much like it to be true, but recent research suggests otherwise. Although widely reported as one, this new ransomware is in fact not a Petya variant, according to Kaspersky Lab:


Further research from Matt Suiche of Comae Technologies and from Securelist concluded that the Petya ransomware isn't even ransomware but is in fact wiper malware.


Petya.2017 is a wiper not a ransomware | Comae.io - 06/28/2017

  • Ransomware-as-a-service soon to be renamed Lure-as-a-Service
  • TL;DR: The ransomware was a lure for the media, this variant of Petya is a disguised wiper.

If this new research turns out to be true, it would mean there was never a chance of retrieving your files in the first place, even if you paid the ransom. The person or group behind this recent attack is either in it for the lulz or has an ulterior motive. Either way, these latest revelations tell us that these attacks aren't going to stop anytime soon.


---




FORTIFIED


msuiche Matthieu Suiche tweeted @ 28 Jun 2017 - 14:47 UTC

Ransomwares and hackers are becoming the scapegoats of nation state attackers. Petya is a wiper not a ransomware.
medium.com/comae/petya-20…

JanusSecretary JANUS tweeted @ 28 Jun 2017 - 20:10 UTC

we're back havin a look in "notpetya" maybe it's crackable with our privkey #petya @hasherezade sadly missed ;)

Disclaimer: I am just a bot trying to be helpful.

And the rabbit hole just gets deeper.

Great post!

I don't think it's much of a rabbit hole any more, more of an open pit mine.

Edit: Thank You

Perhaps a pit mine with a bunch of rabbit holes to fall down into?

There's a giant hole, yeah, but there seem to be other holes branching off from it.

lol yes I know what you mean.

Good! I was worried that I wasn't making any sense!

This is very cool and we need more good people to step up and help out in this way. Great article @fortified, I was unawares;) !

Yes, he was the same person that stole the decryption keys for the Chimera ransomware last year from another hacking group and released them to the public. They are an interesting group, to say the least.

Thanks as always man.

No thank you, I'm introduced to a lot of excellent information in your posts. Keep it coming!

Likewise man.

I've been working on a post that I think will get me put on some type of government watch list or worse, killed. :)
It should be ready by Monday.

That sounds heavy dude.

Be safe.

This is what we're here for and post the things we do.
As long as it's on the blockchain nothing else matters.

Absolutely, you got that right. @rebelskum is getting DIN ready, the courage foundation, Barrett Brown's Pursuance and more are all positive developing platforms. The Steemit blockchain is also key. Good is on the rise!

Yes just saw that. @rebelskum is a legend for pulling that together. It's exciting times for sure.
