Whitepapers

Petya Ransomware Goes Low Level

The new Petya ransomware seems to have been built with speed in mind, as to expedite the encryption process. While traditional ransomware encrypts files one by one, Petya encrypts the location containing all information about disk files, such as size, permissions, and data content, essentially preventing users from accessing all their data.

Bitdefender was able to analyze the Petya ransomware and offer potential victims a tool that intercepts the encryption process and offers the decryption key, free of charge. Most importantly, the tool needs to be installed prior to being infected – not afterwards – in order to perform its function correctly.

Download the whitepaper now

About the author

Avatar

Bogdan BOTEZATU

Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.