Researchers Crack Petya Ransomware
Posted by: Timothy Weaver on 04/12/2016 10:37 AM
Researchers have discovered a way to decrypt the files encrypted with the Petya ransomware.
Someone who goes by the Twitter handle @leostone has devised a tool that generates the password Petya requires to decrypt the master boot file.
It is a complicated method that involves removing the infected hard drive and slaving it to another computer and then extracting data from the boot files. Obtaining the hard drive data is not a simple matter for most users. However, a separate researcher has developed a tool that will do that for you. A free tool called the Petya Sector Extractor obtains the files in seconds. The app must be run on the computer that is connected to the infected hard drive.
Bleeping Computer, a reputable self-help computer forum, reports that the technique works as billed and provides this step-by-step tutorial that walks people through the entire process.
It wouldn't be surprising if the Petya developers fix this weakness in a future version. Once that happens, the newly developed tools will no longer work.
Source: Ars Technica
