#NotPetya Hackers Demand $250,000 for Ransomware Decryption KeyPosted: July 6, 2017
The hackers responsible for last week’s globe-spanning ransomware attack have made a public statement for the first time since the attack.
The group responsible for #NotPetya have allegedly surfaced on the deep web with a statement offering the decryption key to all files encrypted by the ransomware they unleashed from Ukraine last week.
The post was first picked up by Motherboard after the group used the Bitcoin wallet associated with the ransomware to make a small donation to the Tor-only announcement service DeepPaste, which is where the message appeared.
The message makes a request for 100 bitcoins, which is over $250,000 in today’s market.
According to The Verge, “the message includes a file signed with Petya’s private key, which is strong evidence that the message came from the group responsible for Petya. More specifically, it proves that whoever left the message has the necessary private key to decrypt individual files infected by the virus.”
There was also a link to a chatroom included in the messages. During an interview conducted in the chatroom, someone claiming to be one of the malware authors told Motherboard that the price was so high because it’s for the key “to decrypt all computers.”
Motherboard offered the unknown group an individual file that had been decrypted by the malware and asked them to send it back decrypted as proof that they had the decryption key. The unknown individuals in the chatroom were unable or unwilling to decrypt the file.
Some are still convinced that this attack has nothing to do with money or ransomware.
“This is a fear, uncertainty and doubt case,” claimed the founder of Comae Technologies Matt Suiche in an online chat with Motherboard. “This is a clear attempt from the attackers to try to further confuse the audience by changing the wiper narrative into a ransomware one again.”