The Petya ransomware that has been encrypting the NTFS Master File Table has recently been analyzed by the Bitdefender research team and found to sport similarities with other ransomware families, such as Chimera and Rokku.
This information could point to the same group of cybercriminals, except this time they’ve used advanced low level programming skills to develop the Petya strand. However, because the encryption process was flawed, our security researchers were able reverse engineer it and come up with a vaccine that makes decryption a lot easier in case of infection. Particularly, users will be presented with the decryption key, allowing immediate decryption.
An in-depth analysis of the Petya ransomware can be found in our “Petya Ransomware Goes Low Level” whitepaper (here), and here are some of its key findings:
Those who wish to avoid infection by this strand of ransomware can Download the Bitdefender Petya Ransomware Vaccine!