Slashdot Mirror
Petya Ransomware Authors Demand $250,000 In First Public Statement Since Attack (theverge.com)
An anonymous reader quotes a report from The Verge: The group responsible for last week's globe-spanning ransomware attack has made their first public statement. Motherboard first spotted the post, which was left on the Tor-only announcement service DeepPaste. In the message, the Petya authors offer the private encryption key used in the attack in exchange for 100 bitcoin, the equivalent of over $250,000 at current rates. Crucially, the message includes a file signed with Petya's private key, which is strong evidence that the message came from the group responsible for Petya. More specifically, it proves that whoever left the message has the necessary private key to decrypt individual files infected by the virus. Because the virus deleted certain boot-level files, it's impossible to entirely recover infected systems, but individual files can still be recovered. The message also included a link to a chat room where the malware authors discussed the offer, although the room has since been deactivated.
Microsoft patched the hole long before it was exploited, which is really all you can ask of any company as no one on the planet has yet found a way to write an OS with no problems. If anything the NSA or moron IT people that don't manage their systems correctly are responsible.
Can we just make up our minds and decide whether it's called "Petya" or "NotPetya"?
Po-TAY-to, Po-NOT-potato.
#DeleteChrome
If you pay them then you simply add fuel to the fire. The best thing to do is migrate to a secure OS and restore all the data you can and fire anyone managing a division that doesn't have full backups.
Anons need not reply. Questions end with a question mark.
Petya and NotPetya are two separate pieces of malware. It isn't an OR it is an AND.
Microsoft patched the hole long before it was exploited, which is really all you can ask of any company
That would be fine if there was a way to update (and keep updated) their OS without compromising it.
There is not (you'd have to install their telemetry spyware), thus no reasonable patch exists.
The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
his old what?
Russia could pay it. Its a lot less than what Putin has already paid to fund this attack.
Makes him look good, and he can still deny responsibility, while reducing scope for escalating payback attacks.
More likely the group just announces an anonymous benefactor has paid the ransom. (Is the bitcoin transaction visible so they need to indirectly pay themselves?)
We are still assuming the ransom demand is just cover for a state-sponsored cyber-attack on Ukraine, right?
Yeah, and as far as I can tell from other news sources, this ransom note is about NotPetya. So Slashdot is naming the wrong malware entirely here.
Yeah, and we may as well make Mexico throw in a few pesos. I mean, you know, why not? It's just another brick in the wall..
It wasn't Russia, it was America that launched this attack. Everyone knows it but very few say it. American government needs a bogeyman and they want you to think Russia or China or North Korea or some other country is full of bad people that want to rape you and then kill you. Or maybe kill you, then rape you. They need bogeyman to keep you scared and in line.
Just look at the facts and you will see who injects the most malware into commercial products. Look at who spies the most on their own citizens. Look at which government strong-arms corporations info giving up citizen's personal data. Makes you wonder which country has the freedoms.
There is no destruction of boot level files...
Yes it overwrites some sectors it never backs up, but they are inbetween the master boot record and the first partition, and are blank on almost every standard windows install ever.
The guy who claimed this whole thing about the worms code being flawed so it couldn't decrypt was wrong.
FTFY
Democracy is two wolves and a sheep voting on lunch.
The source of the attack, the accounting company could buy it's way out of what seems very much like an insider attack, possibly even at management level. Basically a way for the accounting company to save face, except it now makes them look as guilty as hell ie $250,000 seems really low ball for what is likely to be a dead as fuck software accounting company (who the fuck will trust them with future upgrades). As for the Russia shit, it just makes the company look even worse, exactly what insiders would do. So the accounting software company pretends to pay and releases the key to their customers to attempt to regain some trust.
Easy to scope out, check out the revenues for the company over the last few years to see if they are stagnating or falling off and consider they were hoping to make millions before realising in the most stupid fashion, that as the leading source of the attack, their customers would blame them for the losses and go with different accounting software. When it comes to financial stuff and risks, trust once burned pretty much never comes back.
Chaos - everything, everywhere, everywhen
"Corporate" space is a small subset of "business" space.
Most companies do NOT have IT departments. They outsource that on a break/fix basis, and do NOT want to pay for maintenance.
"Prediction: within 10 years, Windows will be a Linux distribution." Me, 7-6-2016
There is apparently good evidence that the Kremlin is supporting these attacks. At the minimum it is definitely calling the malware authors "patriots".
I guess we all have an old.
I would offer a $250,000 reward for the identification of the people responsible. And then every country in the world can decide whether taking them out is helping their national security.
Microsoft patched the hole
No they haven't. At least not for everyone. On my Windows 7 machine every update consistently fails since they switched to bundled updates, and there is no technical means of recovering from this situation. I've tried absolutely everything you can imagine, every Microsoft and every 3rd party tool, except for reinstalling the whole operating system - the latter wouldn't be practical for me, because it would mean that I would have to manually reinstall hundreds of audio plugins (every second one with its own DRM scheme, and besides I'm going to buy a new machine soon anyway.
I cannot imagine how or why the maker of an operating system cannot invent a fix for their update problems. It doesn't help that each attempt of updating requires two restarts and takes an endless amount of time rolling back the update.
If it weren't for the audio software I'd surely get rid of Windows entirely, at the expense of never being able to play a top game anymore. I'm using GNU/Linux for work, of course, and never had any problems with it.
You realize that the exploits that were taken advantage of were patched a MONTH before this occurred right?
Build it, Drive it, Improve it! Hybridz.org
Agree that the US is on the hook morally and perhaps financially for any ill coming from the NSA spy tools that have fallen into the wrong hands, but you have a redundancy on your hands suggesting "moron IT people" who failed to patch their systems are to blame, too. The faulty decision was not failure to patch; it was adopting a vulnerable and frequently attacked OS to begin with. If someone driving a car with no brakes, no seatbelts, and low pressure in one tire, gets into an accident, do you say the problem was they failed to inflate the tire?