Petya Ransomware Authors Demand $250,000 In First Public Statement Since Attack (theverge.com)
An anonymous reader quotes a report from The Verge: The group responsible for last week's globe-spanning ransomware attack has made their first public statement. Motherboard first spotted the post, which was left on the Tor-only announcement service DeepPaste. In the message, the Petya authors offer the private encryption key used in the attack in exchange for 100 bitcoin, the equivalent of over $250,000 at current rates. Crucially, the message includes a file signed with Petya's private key, which is strong evidence that the message came from the group responsible for Petya. More specifically, it proves that whoever left the message has the necessary private key to decrypt individual files infected by the virus. Because the virus deleted certain boot-level files, it's impossible to entirely recover infected systems, but individual files can still be recovered. The message also included a link to a chat room where the malware authors discussed the offer, although the room has since been deactivated.
Re: (Score:1)
Microsoft patched the hole long before it was exploited, which is really all you can ask of any company as no one on the planet has yet found a way to write an OS with no problems. If anything the NSA or moron IT people that don't manage their systems correctly are responsible.
Re: (Score:2)
Microsoft patched the hole long before it was exploited, which is really all you can ask of any company
That would be fine if there was a way to update (and keep updated) their OS without compromising it.
There is not (you'd have to install their telemetry spyware), thus no reasonable patch exists.
Re: (Score:3)
Most companies do NOT have IT departments. They outsource that on a break/fix basis, and do NOT want to pay for maintenance.
Re: (Score:2)
Microsoft patched the hole
No they haven't. At least not for everyone. On my Windows 7 machine every update consistently fails since they switched to bundled updates, and there is no technical means of recovering from this situation. I've tried absolutely everything you can imagine, every Microsoft and every 3rd party tool, except for reinstalling the whole operating system - the latter wouldn't be practical for me, because it would mean that I would have to manually reinstall hundreds of audio plugins (every second one with its own
Re: (Score:2)
You realize that the exploits that were taken advantage of were patched a MONTH before this occurred right?
Re: (Score:2)
Russia could pay it. It's a lot less than what Putin has already paid to fund this attack.
Makes him look good, and he can still deny responsibility, while reducing scope for escalating payback attacks.
More likely the group just announces an anonymous benefactor has paid the ransom. (Is the bitcoin transaction visible so they need to indirectly pay themselves?)
We are still assuming the ransom demand is just cover for a state-sponsored cyber-attack on Ukraine, right?
Re: (Score:1)
Yeah, and we may as well make Mexico throw in a few pesos. I mean, you know, why not? It's just another brick in the wall..
Re: (Score:2)
There is apparently good evidence that the Kremlin is supporting these attacks. At the minimum it is definitely calling the malware authors "patriots".
Re: (Score:3)
The source of the attack, the accounting company, could buy its way out of what seems very much like an insider attack, possibly even at management level. Basically a way for the accounting company to save face, except it now makes them look as guilty as hell, i.e. $250,000 seems really low ball for what is likely to be a dead as fuck software accounting company (who the fuck will trust them with future upgrades). As for the Russia shit, it just makes the company look even worse, exactly what insiders would do
Re: (Score:2)
Can we just make up our minds and decide whether it's called "Petya" or "NotPetya"?
Po-TAY-to, Po-NOT-potato.
Re: (Score:2)
FTFY
Re: (Score:1)
Yeah, and as far as I can tell from other news sources, this ransom note is about NotPetya. So Slashdot is naming the wrong malware entirely here.
Re: (Score:2, Funny)
his old what?
Re: (Score:2)
I guess we all have an old.
Re: Credibility (Score:1)
There is no destruction of boot level files...
Yes, it overwrites some sectors it never backs up, but they are in between the master boot record and the first partition, and are blank on almost every standard Windows install ever.
The guy who claimed this whole thing about the worm's code being flawed so it couldn't decrypt was wrong.
Stupid (Score:3)
If you pay them then you simply add fuel to the fire. The best thing to do is migrate to a secure OS and restore all the data you can and fire anyone managing a division that doesn't have full backups.
Re: (Score:1, Insightful)
It wasn't Russia, it was America that launched this attack. Everyone knows it but very few say it. American government needs a bogeyman and they want you to think Russia or China or North Korea or some other country is full of bad people that want to rape you and then kill you. Or maybe kill you, then rape you. They need a bogeyman to keep you scared and in line.
Just look at the facts and you will see who injects the most malware into commercial products. Look at who spies the most on their own citizens. Look
$250,000 reward (Score:2)
Re: (Score:2)
Hey, if the guys who created Petya want to be part of the Bitcoin/Dark-Web economy and all that it entails, it's only logical that they are fair game for the assassination market.