Petya ransomware cracked — solution available for free
In case you were stuck in a cave somewhere for some time, ransomware is a kind of malware that rewrites your hard drive’s master boot record (MBR), rendering your precious computer unable to boot, unless you submit to the requests of the creator of the ransomware you are infected with, that is. If you were wondering, why not just pull the drive out and plug it into another PC which can boot and access the files before wiping the whole drive? Well here’s why. Ransomware programs encrypt the master file table (MFT), which means that the operating system will not know where to look for the files that are in the drive. If the OS can’t see it, you can’t access it.
Well of course if a hacker can create such an ingenious method to ask for ransom from unsuspecting users, then of course another hacker will be able to crack it. And that is what happened here. Experts on BleepingComputer.com have managed to overcome the encryption of the Petya ransomware, but it requires extracting certain strings of information from the afflicted drive, which to be honest I have no idea how to.
Luckily yet another master by the name of Fabian Wosar wrote a tool to extract that information with just a click. You will have to plug your drive into another PC with bootable Windows and run the tool. The tool will automatically identify which drive is infected, and allow you to extract the information you need to decrypt your drive, which you will need to paste into the textboxes on the decryption site.
And you are done.