Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Keygen alert: free password generator released for PETYA ransomware
#1
[Image: petya_ransomware.jpg]
The PETYA ransomware is just one of the recent examples of malware that encrypts victims' hard drives until a fee is paid. The advice from the government is not to pay the ransom -- or at least not expect to get a decryption key if you do -- but a password generator has been created that means you can decrypt your hard drive for free.
While TeslaCrypt 4 boasts 'unbreakable encryption', the same cannot be said of PETYA, although the PETYA ransomware does have the irritating habit of overwriting MBRs. This does mean that there is no way to interact with the drive on the infected computer, but with access to a spare machine to read the drive and access to the online tool created by Leostone, you could have your data back in seconds. As the tool's website proudly proclaims, you can "Get your petya encrypted disk back, WITHOUT paying ransom!!!" -- here's what you need to do.

The process is not something that everyone will be able to follow -- it is a little technical -- but it's worth persevering (hat tip to Bleeping Computer for the heads up!) to avoid coughing up any Bitcoin. You'll need to connect the infected drive to another computer and extract a couple of pieces of data from it, specifically:
  • 512 bytes of verification data from sector 55 (0x37) offset 0(0x0) of the disk, converted to Base64
  • 8 byte nonce from sector 54 (0x36) offset 33(0x21), also converted to Base64
To help with this, you can use the specially-written Petya Sector Extractor as this will provide you with the data you need.
Fire up your web browser and pay a visit to Leostone's decryption website at https://petya-pay-no-ransom.herokuapp.com/ where you'll find two fields into which you can paste the requested data from the infected drive.
With this done, hit Submit and wait for a few seconds while your key is generated. Return the infected drive to its original computer, fire it up, enter the key when prompted, and the drive should be decrypted. For free!

source
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Generate a new, secure password with ExpressVPN's password generator. Sasha 2 1,719 02-05-2020 , 01:14 PM
Last Post: hakah
  Security Alert: Attackers Using Brute-Force to Spread Ransomware tarekma7 0 3,109 03-03-2018 , 06:26 PM
Last Post: tarekma7
  Petya victims given hope by researchers LowcyGier 0 1,561 07-08-2017 , 08:39 PM
Last Post: LowcyGier
  Private Decryption Key For Original Petya Ransomware Released LowcyGier 0 1,725 07-08-2017 , 07:46 PM
Last Post: LowcyGier
  #PETYA: Learn how the ransomware works in less then 2 minutes baziroll 0 2,194 07-05-2017 , 12:14 AM
Last Post: baziroll

Forum Jump:


Users browsing this thread: 1 Guest(s)