A cryptography extortion ransomware, known as Petya, has been causing a lot of trouble, asking people to pay hefty sum of money in order to get their data back. Now, experts have come up with an anti-Petya solution that really works without paying the extortionists.
Petya is a stubborn ransomware that targets people's entire start up drive by paralyzing computer's master boot record. The hard to get ransomware cleverly encrypts master boot record file which makes it inaccessible, unless victims pays money to get the decryption password.
Now, a new application has been developed by an expert who goes by the @leostone on Twitter, which allows users to unlock their Petya-encrypted data back for free or volunteer donation, ArsTechnica reported. The new anti-Petya app is currently hosted on Herokuapp.
The ransomware was previously incurable because the infected computer could not boot up as tempered master boot record file made startup disk inoperable. Petya first tricked the victims by performing a fake disk check with CHKDSK, and under the hood secretly encrypted master file table.
The new anti-Petya tool works like a crack, in this case for a good cause, generating the Petya password which otherwise comes at a good price. However, the process does involve several steps that one must carefully follow to get their hard disk back online.
First off, one must disconnect the startup drive from the victimized computer and plug it into a Petya-free Windows computer. The next step is data extraction, the toughest part, after which the computer owner must go to Herokuapp website where leostone's anti-Petya tool is hosted and feed the data inside it. There are no hefty post-process involved, the Petya password will be cracked out.
Cracking the Petya password is the easiert part, what victims must fiddle through is extracting the data, which requires specific bytes from specific hard disk sectors. Fortunately, another expert programmer offered his contribution by creating the Petya Sector Extractor tool that obtains this required data in seconds.
Those who are having difficulty can follow the step-wise tutorial devised by Bleeping Computer. The following video explains how Petya ransomware infiltrates computers.