Download Petya ransomware decrypt tool & password generator

The PETYA ransomware is one of the most recent online threats for PC users. It is a malware which overwrites the MBR (Master Boot Record) of your PC and leaves it unbootable and also disallows restarting the PC in Safe Mode. Simply put, PETYA ransomware is a malware which encrypts your PC and asks for a ransom against the decryption key.

petya_figure1-400x222

Petya ransomware password generator & decrypt tool

While it is natural for users to panic in this situation and pay the ransom to get the decryption key, there is, fortunately, a decrypt tool available now. A new Petya password generator has been created to let the users decrypt their hard drive without paying any ransom. Yes! You can actually get your PETYA infected and encrypted disk back without paying a single bitcoin. However, the method is a bit technical and would not be easy for a non-techie PC user, it is still worth trying.

How to use Petya ransomware decrypt tool

To start with, you first need to extract some data from PETYA infected drive by connecting another computer to it. You need to get the 512 bytes of verification data and 8 byte nonce, to be precise. You can also use some hexeditor to get the verification and nonce sector from the encrypted disk.

Data Location:

Nonce 8-bytes: sector 54 [0x36] offset: 33 [0x21]

Encrypted Verification Sector 512-bytes: sector 55 [0x37] offset: 0 [0x0]

  • Save the files as src.txt and nonce.txt.
  • Head over to Leostone’s decryption website Petya Pay No Ransom Page to use the genetic solver which gives you the decryption key in just a few seconds.
  • This webpage has two fields where you have to paste the requested data from the infected drive.
  • Click on ‘Submit’ and wait for a few seconds. The password generator will generate your decryption key.
  • Go back to your encrypted disk and enter the generated decryption key when prompted.
  • Your drive will be decrypted for free, without paying any ransom.

PETYA ransomware infects your computer and leaves no way to interact with the hard drive, but this online tool created by Leostone give you the access back in just a few seconds.

This is what the webpage title on Github says, “Get your Petya encrypted disk back, WITHOUT paying ransom!!!”.

Ransomware victim? Check out this list of Ransomware Decryptor Tools.

Posted by on , in Category Security with Tags
Shiwangi is a qualified writer and a blogger, who loves to dabble with and write about computers. While focusing on and writing on technology topics, her varied skills and experience enables her to write on any topics which may interest her. Creating a System Restore Point first before installing a new software, and being careful about any third-party offers while installing freeware is recommended.