Because of a flaw in the encryption process used by the Petya ransomware, security researchers were able to reverse-engineer the malicious code and create a "vaccine," that will enable victims to decrypt their infected endpoints.
Petya is a nasty new ransomware that encrypts not just files, but the entire disk. Instead of eating up memory and time by encrypting files individually, Petya installs itself like a bootkit and encrypts the filesystem's master file table -- a much quicker method that leaves "no time to call for help," F-Secure researchers said. Petya is vicious enough to have inspired federal authorities in both the US and Canada to issue advisories.
This is not the first time a security firm has released a tool that can decrypt endpoints that were locked by a particular strain of cryptoransomware. Last year, Cisco's Talos Labs developed such a cure for TeslaCrypt.
Download BitDefender's free Petya decryption tool here.
- Ransomware Authors Break New Ground With Petya
- Cisco Offers Free Ransomware Decryption Tool For Victims
- 10 Shocking New Facts About Ransomware