‘Not Petya’ hackers ask for 100 bitcoins to unlock PCs

The alleged creators of the Petya virus have broken their silence with a statement on DeepPaste, a service accessible only via Tor (deep web). In the message, the malware developers offer to hand over the key that can decrypt individual files on infected machines for 100 bitcoins, equivalent to US$250,000 at the current exchange rate (R$750,000, excluding fees). To prove that they are really responsible for the attack, the criminals attached to the message a file signed with Petya's private key.

Alleged malware creators ask for bitcoin fortune to release unlock key for victims – Photo: Pond5

Although it is not possible to guarantee that the authors of the message are really responsible for the wiper virus, or that they are able to offer the key to the victims, the presence of the file signed with the Petya key reinforces the idea that the message is, in fact, from the hackers who spread the malware.

In addition, the message contains a link to a chat room for negotiating with the criminals. The room, however, is inactive.

Alleged hackers behind the Petya virus ask for 100 bitcoins to decrypt individual files – Photo: Reproduction / Motherboard

Data recovery may be limited

Petya is extremely aggressive malware: it deletes files needed for the computer's startup process. As a result, it is not possible to completely recover infected operating systems, only individual files. Anyone who obtains the key that unlocks the machine can therefore only access the hard drive by other means to copy files off it.

Transactions in the bitcoin wallet

Monitoring of transfers in the bitcoin account associated with Petya has not shown much activity, which seems to indicate that no one has accepted the initial "offer" to recover data. However, experts reported that those responsible for the cryptocurrency wallet forwarded the previous balance, which amounted to nearly R$32,000, to a new anonymous wallet. It is believed that this was done to launder the virtual currency.

Via The Verge, Motherboard