![]() The linked file was encrypted and password protected:Īfter guessing the password and decrypting the package with the help of openssl, I got the following plaintext:ģ8dd46801ce61883433048d6d8c6ab8be18654a2695b4723 The message contained a link to the file, hosted at mega.nz service. Yesterday, Janus has made a public announcement on Twitter: Decryptor released What exactly happened? Researcher Anton Ivanov confirmed by his experiments that the key is authentic. ![]() ![]() (The author of Petya has been known for previously leaking the keys of his rival, Chimera ransomware – details here). Similarly to the authors of TeslaCrypt, he released his private key, allowing all the victims of the previous Petya attacks, to get their files back. As a result of the recent events, Janus probably decided to shut down the Petya project. His original malware was pirated and extended by an unknown actor (read more here). As research concluded, the original author of Petya, Janus, was not involved in the latest attacks on Ukraine.
0 Comments
Leave a Reply. |