Thursday, December 5, 2024
HomeCryptocurrency hackFinally Petya Ransomware Original Author Janus Released His Private Key and ...

Finally Petya Ransomware Original Author Janus Released His Private Key and Decided to Shut down the Petya Project

Published on

SIEM as a Service

An another Historical Petya Ransomware after wanna cry Chapter Finally come to an end. An author of  Petya  came out and released the  Master Decryption Key to shut down the Petya Project.

This Master Decryption Key help to all the Petya Ransomware Victims to get back their Encrypted Files.

Released Master Decryption Key only work for Petaya variant. it will not work for NotPetya (ExPetr and Eternal Petya).because the NotPetya ransomware modifying the behavior of the original Petya ransomware by using Patching Process.

- Advertisement - SIEM as a Service

NotPetya has Different Encryption method and there is no relation with Original Petya Ransomware.

Also Read   A Fileless Ransomware Called “SOREBRECT” Discovered with Code Injection Capability that Encrypts local and Network Share Files

Janus REvelaed about this Decryption key Released via his tweet that,” They’re right in front of you and can open very large doors”

He  Uploaded Petya Ransomware Decryption key in MEGA Cloud where everyone can access and Download the Master Private key of the Petya Ransomware and all the affected Victims use this Key and get back their Encrypted files.

Private key Successfully Tested and confirmed the Authenticity

According to Kaspersky Lab security researcher Anton Ivanov The Master Private Key successfully tested and confirmed the master key’s validity.

He mentioned in his tweets published Petya master key works for all versions including GoldenEye.

Malwarebytes security researcher Hasherezade cracked the file yesterday and shared its content of the Cracked Result.

Congratulations!
Here is our secp192k1 privkey:
38dd46801ce61883433048d6d8c6ab8be18654a2695b4723
We used ECIES (with AES-256-ECB) Scheme to encrypt the decryption password into the “Personal Code” which is BASE58 encoded.

According to Malwarebytes, the original author of Petya, Janus, was not involved in the latest attacks on Ukraine. His original malware was pirated and extended by an unknown actor.

Also Read    Vault 7 Leaks : CIA Hacking Tools “BothanSpy” and “Gyrfalcon” Steals SSH Credentials From Windows and Linux Computers – WikiLeaks

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

HCL DevOps Deploy / Launch Vulnerability Let Embed arbitrary HTML tags

Recently identified by security researchers, a new vulnerability in HCL DevOps Deploy and HCL...

CISA Warns of Zyxel Firewalls, CyberPanel, North Grid, & ProjectSend Flaws Exploited in Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings about several vulnerabilities being...

HackSynth : Autonomous Pentesting Framework For Simulating Cyberattacks

HackSynth is an autonomous penetration testing agent that leverages Large Language Models (LLMs) to...

Fuji Electric Indonesia Hit by Ransomware Attack

Fuji Electric Indonesia has fallen victim to a ransomware attack, impacting its operations and...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Fuji Electric Indonesia Hit by Ransomware Attack

Fuji Electric Indonesia has fallen victim to a ransomware attack, impacting its operations and...

Beware Of Malicious PyPI Packages That Inject infostealer Malware

Recent research uncovered a novel crypto-jacking attack targeting the Python Package Index (PyPI), where...

Researchers Detailed New Exfiltration Techniques Used By Ransomware Groups

Ransomware groups and state-sponsored actors increasingly exploit data exfiltration to maximize extortion and intelligence...