Kasperky Lab and Comae Technologies announced that as many as 50 victims of ExPetr / Petya have paid a redemption fee of approximately USD10,200 in the form of Bitcoin.
However, Kaspersky Lab called the hope to restore stolen and encrypted data. Researchers at Kaspersky Lab found errors in the malware code, preventing data recovery.
In addition to errors, data restoration also faced some constraints after the German email provider Posteo blocked the attacker's email address. This blocking prevents the victim from contacting the attacker to verify payment-related.
Our analysts indicate hope for the victim to return the data is very small. We have analyzed the high-level code of the encryption routine and hamu found after disk encryption, the threat actor can not decrypt the victim disk, Kaspersky Lab said.
Threatpost also reports that the problem with this problem is the lack of installation IDs that contain important information for major improvements. Early Pet infection contains an important installation ID.
The Ransomware also has an eraser component that rewrites Master File Table and Master Boot Record from the infected machine. This type of destructive behavior is not commonly found in ransomware.
This has prompted leading researcher, Matt Suiche, to speculate that the ransomware aspect of the attack that occurred on Tuesday was just a cover. Ransomware is intended to lure the media, and this Petya version removes the first sector of disks infected with similar malware Shamoon malware.
In his blog upload, Matt Suiche, the main purpose of deleting the data is to destroy and destroy. Another goal of ransomware is to make money, with different intents, motives and narrations.
Steemit will be our primary communication medium. We are speaking to people in different countries and in various sporting disciplines. By using Steemit as our mouthpiece, i strive to invite many more people to join the @Steemit crowd.
Please follow us on @dxgam
Happy Steeming!
i don't know why some people do this thing just to earn money, i just hope they regret it doing afterwards. upvoted it for you.
Thank you