As research concluded, the original author of Petya, Janus, was not involved in the latest attacks on Ukraine. His original malware was pirated and extended by an unknown actor (read more here). As a result of the recent events, Janus probably decided to shut down the Petya project. Similarly to the authors of TeslaCrypt, he released his private key, allowing all the victims of the previous Petya attacks, to get their files back.
(The author of Petya has been known for previously leaking the keys of his rival, Chimera ransomware - details here).
[UPDATE] Researcher Anton Ivanov confirmed by his experiments that the key is authentic.
[UPDATE#2] Decryptor released
What exactly happened?Yesterday, Janus has made a public announcement on Twitter:
The message contained a link to the file, hosted at mega.nz service.
The linked file was encrypted and password protected:
After guessing the password and decrypting the package with the help of openssl, I got the following plaintext:
Congratulations! Here is our secp192k1 privkey: 38dd46801ce61883433048d6d8c6ab8be18654a2695b4723 We used ECIES (with AES-256-ECB) Scheme to encrypt the decryption password into the "Personal Code" which is BASE58 encoded.It seems that this is Janus' private key for all the previous Petyas.
Can it help in case of EternalPetya/NotPetya?This key cannot help in case of EternalPetya, since, in this particular case, the Salsa keys are not encrypted with Janus' public key, but, instead of this, erased and lost forever (read more). It can only help the people who were attacked by Petya/Goldeneye in the past.
What is the value added by having this key?Just to recall, the first version of Petya, Red Petya, has been successfully cracked by leo_and_stone. Based on his work, various decryptors have been released, i.e. antipetya live CD.
The error in the second version - a.k.a. Green Petya, revealed by me, was not as severe. Yet, it allowed for writing a bruforcer. Thanks to the GPU-based solution implemented by procrash, the process of cracking the Salsa key has been sped up to 3 days.
Higher versions fixed the flaws to an extent making cracking of the Salsa key no longer possible.
Thanks to the currently published master key, all the people who have preserved the images of the disks encrypted by the relevant versions of Petya, may get a chance of getting their data back.
Further research related to the verification of the obtained material and the decryptor is in progress. We will keep you updated, please stay tuned!
AppendixGoldeneye - the last Petya version released by Janus:
This was a guest post written by Hasherezade, an independent researcher and programmer with a strong interest in InfoSec. She loves going in details about malware and sharing threat information with the community. Check her out on Twitter @hasherezade and her personal blog: https://hshrzd.wordpress.com.