Finally Petya Ransomware Original Author Janus Released His Private Key and Decided to Shut down the Petya Project

An another Historical Petya Ransomware after wanna cry Chapter Finally come to an end. An author of  Petya  came out and released the  Master Decryption Key to shut down the Petya Project.

This Master Decryption Key help to all the Petya Ransomware Victims to get back their Encrypted Files.

Released Master Decryption Key only work for Petaya variant. it will not work for NotPetya (ExPetr and Eternal Petya).because the NotPetya ransomware modifying the behavior of the original Petya ransomware by using Patching Process.

NotPetya has Different Encryption method and there is no relation with Original Petya Ransomware.

Also Read   A Fileless Ransomware Called “SOREBRECT” Discovered with Code Injection Capability that Encrypts local and Network Share Files

Janus REvelaed about this Decryption key Released via his tweet that,” They’re right in front of you and can open very large doors”

"They're right in front of you and can open very large doors" https://t.co/kuCUMZ5ZWP @hasherezade @MalwareTechBlog 😉

— JANUS (@JanusSecretary) July 5, 2017

He  Uploaded Petya Ransomware Decryption key in MEGA Cloud where everyone can access and Download the Master Private key of the Petya Ransomware and all the affected Victims use this Key and get back their Encrypted files.

Private key Successfully Tested and confirmed the Authenticity

According to Kaspersky Lab security researcher Anton Ivanov The Master Private Key successfully tested and confirmed the master key’s validity.

He mentioned in his tweets published Petya master key works for all versions including GoldenEye.

The published #Petya master key works for all versions including #GoldenEye pic.twitter.com/tTRLZ9kMnb

— Anton Ivanov (@antonivanovm) July 6, 2017

Malwarebytes security researcher Hasherezade cracked the file yesterday and shared its content of the Cracked Result.

Congratulations!
Here is our secp192k1 privkey:
38dd46801ce61883433048d6d8c6ab8be18654a2695b4723
We used ECIES (with AES-256-ECB) Scheme to encrypt the decryption password into the “Personal Code” which is BASE58 encoded.

According to Malwarebytes, the original author of Petya, Janus, was not involved in the latest attacks on Ukraine. His original malware was pirated and extended by an unknown actor.

Also Read    Vault 7 Leaks : CIA Hacking Tools “BothanSpy” and “Gyrfalcon” Steals SSH Credentials From Windows and Linux Computers – WikiLeaks