The encryption key of “ransomware” (rançongiciel French) Petya, which raged for two weeks to get money to users, has was broken by security experts. The Petya Extractor software allows you to get rid
Remember that Petya does not just encrypt your files to take hostage. Figure it MFT ( Master File Table , Master file Table) and replaces the MBR ( Master Boot Record , primer Zone) with its own program, which then demands money to get the decryption key (the video of its operation here) .
breaking the encryption key computer scientists have managed to break the encryption key used by Petya through an algorithm. That said, the technique they use is complex.
This is why the researcher Fabian Wosar designed the Petya Extractor tool, which allows to easily get rid of rançongiciel and recover computer data.
Only trouble : you must connect the drive blocked by Petya another Windows computer that is working properly. If the infected computer has multiple disks, this is the one that contains the C: partition needs to be cleaned
The walkthrough . the procedure is as follows:
– start the software Petya Extractor (PetyaExtractor.exe, once unpacked the archive), which will then start a scan disk and disk automatically detect contaminated
– then go to one of these sites: https: //petya-pay-no-ransom.herokuapp.com or https: //petya-pay-no-ransom-mirror1.herokuapp.com /
– Enter the data of the tool, then click “Copy Sector”. The entirety of the steps to follow is then described on the website of BleepingComputer.
No comments:
Post a Comment