July 7, 2017
The author of the original Petya ransomware — a person/group going by the name of Janus Cybercrime Solutions — has released the master decryption key of all past Petya versions.
This key can decrypt all ransomware families part of the Petya family except NotPetya, which isn’t the work of Janus. This list includes:
⩥ First Petya ransomware version (flashed white skull on red background during boot-up screens)
⩥ Second Petya version that also included Mischa ransomware (flashed green skull on black background during boot-up screens)
⩥ Third Petya version, also known as GoldenEye ransomware (flashed yellow skull on black background during boot-up screens)
< – >
This key won’t help NotPetya victims because the NotPetya ransomware was created by “pirating” the original Petya ransomware and modifying its behavior by a process called patching. NotPetya used a different encryption routine and was proven to have no connection to the original Petya.