Does anybody know if the recent flavour of Petya ransomware (active in June 2017) is somewhat different from one that appeared back in 2016?
I am only interested in the decrypting approach.
This was asked back here. But I can't find any info on how relevant that solution is to the recent case.
Thank you.
I am only interested in the decrypting approach.
At this time there is no known flaw with the encryption method used by Petya, that means, there isn't an approach except to use the decryption key. Since the criminal's email provider deactived their account, that is not possible, which means IT IS NOT possible at this time to decrypt files encrypted by the Petya variation that uses the SMBv1 vulerability.
The only method that existed to get the decryption key was to pay the ransome, which is not possible because the criminal's email provider deactived their account
