Thursday , 21 September 2017
Home >> S >> Security >> NotPetya authors infer that they can decrypt some files

NotPetya authors infer that they can decrypt some files

The hackers behind a NotPetya malware seem to have done a uninformed release demand, shortly after transferring funds from their strange Bitcoin wallet. Analysts, however, consider that a new direct is meant to lay a fake trail.

Most of a companies influenced by the ransomware, that embody Oreo cookie manufacturer Mondelez International and shipping organisation Maersk, did not compensate a demands. This was partly since a email residence used to hit a enemy was close down by a German operator. However, a poignant volume of income was still sent to a hackers in a wish of unlocking blocked machines – a wish that might infer unfounded.

Late on Tuesday this week, a Bitcoin supports that had been sent were changed out of a strange wallet in 3 moves: dual tiny transfers went to a Bitcoin wallets of PasteBin and DeepPaste: these websites are used to pulp vast chunks of content online, and are mostly used to share formula – or by hackers to make announcements. The third and largest send went to a previously-empty address.

Shortly after a transfers, posts seemed on both PasteBin and DeepPaste claiming to be from a authors, asking for 100 Bitcoin (worth some-more than $250,000) for a pivotal that they pronounced would decrypt any complement influenced by NotPetya. A Bitcoin residence for payments was not provided, though a couple to a dim web chatroom, where people could hit them, was.

Motherboard visited a chatroom and interviewed a supposed hackers, nonetheless could not endorse either or not they were a strange NotPetya authors. Whether they were or not, a chairman on a other finish of a line did decrypt a file as explanation of their ability, that does indicate to entrance to a strange source code.

Security researchers, however, are unconvinced. Anton Cherepanov of ESET and Matt Suiche of Comae both told Motherboard that bugs in a ransomware could forestall a hackers from decrypting files incomparable than 1MB. Suiche pronounced that he thinks that a authors are simply “trolling” reporters and researchers by perplexing to upset a issue.

“This is a transparent try from a enemy to try to serve upset a audience, by changing a wiper account into a ransomware one again,” pronounced Suiche.

Further reading

<!–

–>

  • <!–

  • Save this article

  • –>

close
==[ Click Here 1X ] [ Close ]==