Posts Tagged: Ransomware

  • English-Italian Translations

    Petya key decoder

    I made a decoder for the key of the Petya ransomware. It works for Stage 1 of encryption – if the system was not rebooted after the infection. Research into the possibility of decrypting Stage 2 is in progress. UPDATE: 8-th April 2016 Petya at Stage 2 has been cracked by leo-stone. Read more: https://petya-pay-no-ransom.herokuapp.com/ and https://github.com/leo-stone/hack-petya…

  • English-Italian Translations

    Petya: Disk Encrypting Ransomware

    Updated 2016-04-03: Edited to add more details about the encryption scheme. Petya is a new ransomware with an evil twist: instead of encrypting files on disk, it will lock the entire disk, rendering it pretty much useless. Specifically, it will encrypt the filesystem’s master file table (MFT), which means the operating system is not able…

  • English-Italian Translations

    ZeuS Ransomware Feature: win_unlock

    Earlier today, while doing our daily data mining, we came across a new variant of ZeuS 2.x. It includes a new backdoor command called win_unlock. Very interesting: it turns out this slightly modified ZeuS 2.x includes a ransomware feature. When this particular variant is executed, it opens Internet Explorer with a specific page (lex.creativesandboxs.com/locker/lock.php) and prevents…