
My computer got encrypted by the Petya ransomware. After a long search I could not find a solution other than using file recovery software.

This helps a bit, but I am wondering if there is a way to completely restore my disk. I am not going to pay.

Ben N
leostone
  • To improve this question you might want to add some telltale signs that a ransomware infection is from this particular malware. Most users have no way to tell the name of the particular malware which hit them, which means they won't find this question. – Philipp Apr 10 '16 at 16:32
  • I don't think there is a real infection, they are just collecting reps, which is ok here on SU if it is a good question that has not been asked before. – Moab Apr 10 '16 at 18:20
  • Looks like it's not a rep grab but publicity for the exploit, which is by the OP himself. I wouldn't begrudge it, it looks non-trivial and potentially useful :-) – alexis Apr 10 '16 at 20:25
  • It looks like this is a way to Remove the Decrypt the disk. Check it out [Petya Ransomware Defeated](http://www.bleepingcomputer.com/news/security/petya-ransomwares-encryption-defeated-and-password-generator-released/). Looks promising. – NetworkKingPin Apr 11 '16 at 05:09
  • I know it's not terribly relevant, but would you mind sharing how it happened? Perhaps it might help other users avoid this problem. – Nobilis Apr 11 '16 at 07:21
  • Can I have a picture of the message? – Suici Doga Apr 11 '16 at 13:38
  • @SuiciDoga http://nabzsoftware.com/types-of-threats/petya-ransomware – MCMastery Apr 12 '16 at 01:14
  • This is yet another reason why you should be backing up your data often. If you had a reliable backup, you could simply wipe the computer and restore. If you [don't care about your data enough to back it up](https://blog.codinghorror.com/whats-your-backup-strategy/), then why worry about recovering it from ransomware? – BryanH Apr 14 '16 at 21:14
  • @BryanH You can care about your data (and even back it up) and still also care about recovering a system from ransomware. – TylerH Apr 15 '16 at 13:25
  • @TylerH True, if we were perfect we wouldn't be vulnerable to malware in the first place. If you can't be perfect, it's nice to have options. – candied_orange Apr 16 '16 at 19:02
  • So is this thread still of use considering [the new Petya wave that has hit as of July 27, 2017](https://www.theguardian.com/world/2017/jun/27/petya-ransomware-attack-strikes-companies-across-europe)? – Giacomo1968 Jun 27 '17 at 17:29

1 Answer


Fortunately, yes, there is a solution - I've written an application that would help with this.

Petya's encryption has been reversed and analyzed, and there is a solution to get the decryption key just from the data on the encrypted disk.

The program code for key recovery is hosted on GitHub: https://github.com/leo-stone/hack-petya.

If you can't or don't want to compile the program yourself, there is an online service available:
https://petya-pay-no-ransom.herokuapp.com/
https://petya-pay-no-ransom-mirror1.herokuapp.com/ (if the first link is erroring for you)

You will still need to have a little computer experience, though, to get the necessary data off your disk.

Update: The service has been taken down; it wasn't used anymore.

leostone
  • This is why you should never write your own encryption... though I suppose in this case it's fortunate that they did. If they had used AES, there'd be no way to brute-force the key like this. – BlueRaja - Danny Pflughoeft Apr 10 '16 at 19:43
  • @vsz The authors of this malware encrypt the hard drive at a hardware level, and wrote their own bootloader (!?!). I'm sure they've heard of AES. It's like oakad says, they probably did this intentionally for maximum speed. – BlueRaja - Danny Pflughoeft Apr 11 '16 at 05:12
  • That Heroku app is throwing errors. Has it been taken down? – Michael Hampton Apr 11 '16 at 07:40
  • @MichaelHampton It's possible it's being overloaded with traffic; this question has managed to hit the featured list, probably bringing in a lot of clickers. – James T Apr 11 '16 at 07:45
  • Oh, the disclosure rule. I do *strongly* recommend you do so, if only 'cause I'm getting a ton of spam flags for a useful tool ;) – Journeyman Geek Apr 11 '16 at 12:04
  • @leostone Otherwise this question and answer may be considered spam, i.e. unwanted advertisement. – Bakuriu Apr 11 '16 at 12:28
  • The weakness is not the encryption, it is that the key must be stored somewhere, and the criminals can't hope to keep a remote server that is under their control accessible for the lifetime of the virus, for the virus to store new keys on. – Ian Ringrose Apr 11 '16 at 13:03
  • Could you add a basic explanation of what your code does? The answer is complete; I'm just curious and my school WiFi doesn't let me load GitHub repos that don't belong to me. – Nic Apr 11 '16 at 13:14
  • @QPayTaxes The author goes about it in an intentionally roundabout way -- you can plug the decryption routine into just about any constraint solver and have an answer in seconds ( http://pastebin.com/Zc16DfL1 ) – zetavolt Apr 12 '16 at 08:07
  • @BlueRaja-DannyPflughoeft Avoiding standard crypto for performance reasons is rather silly. Unless you have *very* fast IO, the process will be IO bound. A single core should be able to handle between 1 and 3 GB/s on a modern desktop. More if you reduce the number of rounds. – CodesInChaos Apr 12 '16 at 10:31
  • Comments are not designed to have a conversation. If you don't have a comment with regards to the answer itself, take your statements to chat. – Ramhound Apr 13 '16 at 14:19
  • @SargeBorsch: You should ask that as a different question, but in short: yes, that is very common for schools and businesses. They control all the machines so they can install their own root certs. – BlueRaja - Danny Pflughoeft Apr 14 '16 at 07:22
  • @IanRingrose Why not just encrypt that key using a public key and have the victim email the encrypted key along with payment? – Aron Apr 15 '16 at 05:29
  • @CodesInChaos Especially since standard algos are implemented in hardware these days... – Aron Apr 15 '16 at 05:30
  • Thank you! It might be an idea/suggestion to include the accompanying [Fabian Wosar](https://twitter.com/intent/user?screen_name=fwosar)'s [Petya Sector Extractor](http://download.bleepingcomputer.com/fabian-wosar/PetyaExtractor.zip) (for Windows, linked on [bleepingcomputer.com](http://www.bleepingcomputer.com/news/security/petya-ransomwares-encryption-defeated-and-password-generator-released/)) in this answer. PS: Hopefully someone will combine and share these 2 sources into a .com executable that can be added to a syslinux USB boot stick (alleviating the need to take out the HD). – GitaarLAB Apr 15 '16 at 15:20
  • So is this of any use to anyone in 2017 with [a new Petya infection happening](https://www.theguardian.com/world/2017/jun/27/petya-ransomware-attack-strikes-companies-across-europe)? – Giacomo1968 Jun 27 '17 at 18:05
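As an added illustration of the recovery the answer describes (this is not leostone's tool, not the code from the linked repository, and not Petya's actual cipher), the Python below builds a toy "encrypted disk" and recovers its key from the disk data alone. The shape is the one the answer and comments allude to: a bootloader-level scheme keeps its nonce on the disk plus a sector of known plaintext it uses to check the typed key, and a hand-rolled keystream lets each key byte be solved independently, so a brute force that should cost 256^16 guesses costs 16 × 256. The sector layout, the fill byte, the key size and the keystream itself are assumptions chosen for the demonstration.

```python
"""Toy known-plaintext disk-key recovery (added example, not Petya's real scheme)."""

SECTOR = 512
KEY_LEN = 16
NONCE_LEN = 8
NONCE_SECTOR = 54     # assumed layout: nonce stored in the clear
VERIFY_SECTOR = 55    # assumed layout: known-plaintext sector used to check a key
VERIFY_FILL = 0x37    # assumed fill byte of the verification sector
DATA_SECTOR = 60      # one "user data" sector on the toy disk

# Constructed inputs for the demonstration; not taken from any real infection.
DEMO_KEY = b"9KJxq3Lp1TmZ8vRa"
DEMO_NONCE = bytes.fromhex("0123456789abcdef")
DEMO_DATA = b"MFT entry: file.doc, 2016-04-10".ljust(SECTOR, b"\x00")


def _rotl8(x: int, r: int) -> int:
    return ((x << r) | (x >> (8 - r))) & 0xFF


def keystream_byte(key: bytes, nonce: bytes, j: int) -> int:
    """Deliberately weak keystream: byte j mixes ONE key byte, ONE nonce byte
    and the position.  Key byte i only ever influences positions j with
    j % KEY_LEN == i, so each key byte can be solved on its own."""
    k = key[j % KEY_LEN]
    n = nonce[j % NONCE_LEN]
    return _rotl8(k ^ n, (j >> 4) & 7) ^ (j & 0xFF)


def crypt_sector(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR a sector with the keystream (encryption and decryption are the same)."""
    return bytes(b ^ keystream_byte(key, nonce, j) for j, b in enumerate(data))


def read_sector(disk: bytes, n: int) -> bytes:
    return disk[n * SECTOR:(n + 1) * SECTOR]


def make_disk(key: bytes, nonce: bytes, data_sector: bytes, total: int = 64) -> bytes:
    """Build the toy image: clear nonce, encrypted verification sector,
    and one encrypted data sector."""
    disk = bytearray(total * SECTOR)
    off = NONCE_SECTOR * SECTOR
    disk[off:off + NONCE_LEN] = nonce
    verify_plain = bytes([VERIFY_FILL]) * SECTOR
    off = VERIFY_SECTOR * SECTOR
    disk[off:off + SECTOR] = crypt_sector(key, nonce, verify_plain)
    off = DATA_SECTOR * SECTOR
    disk[off:off + SECTOR] = crypt_sector(key, nonce, data_sector)
    return bytes(disk)


def recover_key(disk: bytes):
    """Recover the key using only what is on the disk: the nonce, the
    verification ciphertext and the known fill byte.  Returns None if the
    key is not uniquely determined or fails the full-sector check."""
    nonce = read_sector(disk, NONCE_SECTOR)[:NONCE_LEN]
    ct = read_sector(disk, VERIFY_SECTOR)
    key = bytearray(KEY_LEN)
    for i in range(KEY_LEN):
        want = ct[i] ^ VERIFY_FILL                      # keystream byte at position i
        hits = [k for k in range(256)
                if keystream_byte(bytes([k]) * KEY_LEN, nonce, i) == want]
        if len(hits) != 1:
            return None
        key[i] = hits[0]
    # Confirm the candidate on the whole sector, not just the first KEY_LEN bytes.
    if crypt_sector(bytes(key), nonce, ct) != bytes([VERIFY_FILL]) * SECTOR:
        return None
    return bytes(key)


if __name__ == "__main__":
    disk = make_disk(DEMO_KEY, DEMO_NONCE, DEMO_DATA)
    key = recover_key(disk)
    nonce = read_sector(disk, NONCE_SECTOR)[:NONCE_LEN]
    print("recovered key:", key)
    print("data sector:", crypt_sector(key, nonce, read_sector(disk, DATA_SECTOR)).rstrip(b"\x00"))
```

The two ingredients that make this possible are the ones the comments argue about: the disk itself carries everything needed to check a key (nonce plus known plaintext), and the keystream is weak enough that the check can be turned into a search over small independent pieces instead of the whole key. With a standard cipher, the same verification sector would still let a victim confirm a key, but it would give no shortcut to finding one.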