Programmer Develops Methods to Defeat Petya Ransomware File Encryption

Posted: April 11, 2016

Ransomware is finally meeting its match as alternative methods to decrypt files the malware has encrypted are being discovered and shared with victimized computer users.

The tables have been turning on ransomware creators in recent weeks, as an unidentified programmer has created a tool that exploits the shortcomings of the Petya Ransomware threat.

Petya Ransomware is among the ever-growing list of malware threats designed to encrypt data on an infected computer and hold those files for a large ransom fee that, if paid, is claimed to decrypt and restore all encrypted files. In most cases, crypto-ransomware threats cannot be defeated unless the computer user pays a fee, sometimes as much as $1000, to obtain a decryption key that may be entered to decrypt their files. Until the payment is made, files on a system infected with Petya Ransomware or similar crypto-ransomware threats remain encrypted, making the infected computer nearly useless.

Computer security researchers are gradually discovering alternative methods to decrypt files on a ransomware-infected machine. Petya Ransomware is one threat that is now susceptible to decryption: a programmer, who has not yet been identified, has created a key generator that decrypts and unlocks Petya-infected computers.

The key generator, which is supposedly a gateway to defeating the encryption of Petya Ransomware, requires victims to extract information from specific memory locations on an infected computer's hard drive. The task isn't as simple as running a repair tool on an infected computer. Instead, it appears that victims must extract certain data and potentially have to physically remove their infected drive and then reconnect it to another Windows machine that is free from any viruses. Reportedly, a tool that can help extract the data from a machine whose files have been encrypted by Petya Ransomware is available on a website created to help people unlock their computers.

While the only solution to Petya Ransomware remains paying a fee to decrypt the encrypted data, a free alternative looks promising. However, the alternative method appears to be only for those savvy enough to go through with what appears to be a lengthy procedure of drive removal and data extraction.

Computer security analyst Graham Cluley said that there had been other situations when ransomware creators had "bungled" their encryption system. Doing so would allow reverse engineering of their encryption, thus allowing those with the proper knowledge to decrypt files themselves through a certain set of steps. Such a situation could be taking place in the recent ransomware landscape, but we have not pinpointed or identified the programmers making such progress.

While a few computer security researchers and an unidentified programmer are making headway in discovering methods to decrypt data affected by crypto-ransomware, such threats still have the upper hand in their destructive path. Fundamentally, the only solution to crypto-ransomware remains the proactive step of backing up your entire hard drive and restoring a ransomware-infected system from the backup if such a situation occurs.

Petya Ransomware is only one of a couple of examples of ransomware threats whose encryption can be defeated without paying the ransomware perpetrators. Countless ransomware threats, though, have yet to have a method of decryption discovered outside of paying for the decryption key, which is turning the ransomware-creation business into a multi-million dollar epidemic that cannot be solved overnight.