Search This Blog

Sunday, July 9, 2017

New Development: Hackers Behind Petya Demand 100 Bitcoins For Decryption Keys

Petya/NotPetya malware is creating lots of havoc across the US, Europe, and India. Petya/NotPetya malware came into the spotlight just when we thought that the world is now safe from WannaCry ransomware.
New Development: Hackers Behind Petya Demand 100 Bitcoins For Decryption Keys

Previously, we have shared a report in which Security researcher, Matt Suiche claimed that the Petya/NotPetya malware is actually a wiper, which is something more dangerous than WannaCry.

Petya/NotPetya malware is erasing the first sector of the disk. The security firm, Kaspersky also analyzed the malware and concluded by saying that this is a wiper.
Recently, the hacking group linked to the Petya/NotPetya attack has come forward and demanded a huge chunk of money to unlock the encrypted system. The reports came from Motherboard, the group behind Petya/NotPetya has demanded 100 bitcoins, roughly $256,000 to give the decryption key.
The bitcoin blockchain used by the hackers is public which makes it easier for the researchers to trace the wallet address that received payments for NotPetya. The wallet received around four Bitcoins, which is almost over $10,000.
All the funds were withdrawn from the wallet and mapped to 3 other wallets. One was an empty wallet which was set up by whoever transferred the money. The other two are owned by DeepPaste and PasteBin, services used by hackers to make announcements.

Image Source:
Image Source:

After the transfer, DeepPaste posted a message in which the author of NotPetya demanded 100 Bitcoins in exchange for the decryption keys. Well, the message in the DeepPaste says that no boot disks can be recovered, but the encrypted files can be recovered using the master decryption keys.

Well, it’s still unclear why the demand surfaced now, more than the week after the initial infections. So, what do you think about this? Share your views in the comment box below.


Recent Posts Widget