The author of the original Petya ransomware going by the name of Janus Cybercrime Solutions, has released the master decryption key of all past Petya versions.
This key can decrypt all ransomware families part of the Petya family except NotPetya, which isn’t the work of Janus.
Janus released the master key on Wednesday in a tweet that linked to an encrypted and password-protected file uploaded on Mega.nz.
Malwarebytes security researcher Hasherezade cracked the file yesterday and shared its content:
Congratulations!
Here is our secp192k1 privkey:
38dd46801ce61883433048d6d8c6ab8be18654a2695b4723
We used ECIES (with AES-256-ECB) Scheme to encrypt the decryption password into the “Personal Code” which is BASE58 encoded.
The key is tested and confirmed by Kaspersky Lab.