Experts crack Petya ransomware, enable hard drive decryption for free

Apr 11, 2016

Experts crack Petya ransomware, enable hard drive decryption for free

Security experts have devised a method that allows users to recover data from computers infected with the Petya ransomware program without paying money to cybercriminals.

Petya appeared on researchers’ radar last month when criminals distributed it to companies through spam emails that masqueraded as job applications. It stood out from other file-encrypting ransomware programs because it overwrites a hard disk drive’s master boot record (MBR), leaving infected computers unable to boot into the operating system.

The program replaces the drive’s legitimate MBR code, which normally starts the operating system, with code that encrypts the master file table (MFT) and shows a ransom note. The MFT is a special file on NTFS volumes that contains information about all other files: their name, size and mapping to hard disk sectors.

To read this article in full or to leave a comment, please click here

Experts crack Petya ransomware, enable hard drive decryption for free

SERVICES

  • Virtual CDO
  • Virtual CIO/CTO
  • Strategy Consulting
  • Speaking and Writing Engagement

SOLUTIONS

  • Data Management
  • Data Append / Enhancement
  • Data Quality
  • Data Privacy & Compliance

IMPORTANT LINKS

  • About
  • Blog
  • Contact me

Copyright © 2020 Ray Estevez

Disclaimer:The opinions expressed here are my own or that of the independent authors. Content published here is not read or approved in advance by True Influence and does not reflect the views and opinions of True Influence.