Finally Petya Ransomware Original Author Janus Released His Private Key and Decided to Shut down the Petya Project

An another Historical Petya Ransomware after wanna cry Chapter Finally come to an end. An author of  Petya  came out and released the  Master Decryption Key to shut down the Petya Project.

This Master Decryption Key help to all the Petya Ransomware Victims to get back their Encrypted Files.

Released Master Decryption Key only work for Petaya variant. it will not work for NotPetya (ExPetr and Eternal Petya).because the NotPetya ransomware modifying the behavior of the original Petya ransomware by using Patching Process.

NotPetya has Different Encryption method and there is no relation with Original Petya Ransomware.

Also Read   A Fileless Ransomware Called “SOREBRECT” Discovered with Code Injection Capability that Encrypts local and Network Share Files

Janus REvelaed about this Decryption key Released via his tweet that,” They’re right in front of you and can open very large doors”

He  Uploaded Petya Ransomware Decryption key in MEGA Cloud where everyone can access and Download the Master Private key of the Petya Ransomware and all the affected Victims use this Key and get back their Encrypted files.

Private key Successfully Tested and confirmed the Authenticity

According to Kaspersky Lab security researcher Anton Ivanov The Master Private Key successfully tested and confirmed the master key’s validity.

He mentioned in his tweets published Petya master key works for all versions including GoldenEye.

Malwarebytes security researcher Hasherezade cracked the file yesterday and shared its content of the Cracked Result.

Congratulations!
Here is our secp192k1 privkey:
38dd46801ce61883433048d6d8c6ab8be18654a2695b4723
We used ECIES (with AES-256-ECB) Scheme to encrypt the decryption password into the “Personal Code” which is BASE58 encoded.

According to Malwarebytes, the original author of Petya, Janus, was not involved in the latest attacks on Ukraine. His original malware was pirated and extended by an unknown actor.

Also Read    Vault 7 Leaks : CIA Hacking Tools “BothanSpy” and “Gyrfalcon” Steals SSH Credentials From Windows and Linux Computers – WikiLeaks

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

View Comments

Recent Posts

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices.…

2 days ago

ATPC Cyber Forum to Focus on Next Generation Cybersecurity and Artificial Intelligence Issues

White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch Experts…

3 days ago

New PySilon RAT Abusing Discord Platform to Maintain Persistence

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits…

4 days ago

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations…

4 days ago

Google Chrome Security, Critical Vulnerabilities Patched

Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions…

4 days ago

Notorious WrnRAT Delivered Mimic As Gambling Games

WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games…

4 days ago