Digital Trends
Computing

Has Petya ransomware locked you out of your PC? A new tool can let you back in

Bruce Brown
By

NotPetya ransomware
Experts share how to recapture your data without paying ransomware Trend Micro
If you unwittingly fell victim to the Petya ransonware, there’s a way to get your data back without paying hundreds of dollars. The solution may not be effective in defeating future Petya code if the code is changed in the future, but it works with the current version, according to BleepingComputer.com.

When your computer is hijacked by Petya, the entire drive isn’t encrypted. The actual area that’s encrypted and effectively renders your system useless until unlocked is a specific segment on the drive. The boot sectors hold information needed to fully operate and access all the data on your computer, and that’s what the malware locks down. When you enter the decryption code the Petya developers want you to purchase, the boot sector information is un-encrypted and everything is put back to normal.

But you don’t have to pay the ransom. If you’re comfortable removing your hard drive, attaching it to another Windows computer, and downloading and running free utilities created by two Twitter users, you can do it all yourself.

First, remove your encrypted hard drive and attach it as a non-boot drive to a second computer.

The data you need to find the Petya boot information is a 512-byte string starting at sector 55 (0x37h) with an offset of 0 and the 8 byte nonce from sector 54 (0x36) offset: 33 (0x21). Of course, finding that yourself won’t be easy. You’ll want a utility created by Fabian Wosar, whose Twitter handle is @fwosar. Download his Petya Sector Extractor utility, save the zip file to your desktop, extract the file, and the run PetyaExtractor.exe. This program searches the required sectors of your drive to find the proper string of data.

The next step is to go to either of two websites created by Twitter user @leostone. With your browser go here or here. When you open either of @leostone’s sites you’ll see a screen with two boxes for information generated by Fabian Wosar’s extractor utility. Use cut and paste to enter the data in the boxes on either of the websites. Click the Submit button and your decryption key will be generated. Write it down.

The last step involves re-attaching your original hard drive to the infected computer, and re-starting. When you see the Petya screen, enter the key you wrote down. It should be accepted, and your computer should immediately start decrypting. It soon will be as it was before you were infected.

Detailed instructions for the above process are available at BleepingComputer.com. If you find these steps daunting, your best bet will be to call local computer support firms, and find one familiar with this process.

This method of defeating Petya works for now. If the code is changed to subvert this rescue procedure, hopefully people like @leostone and Fabian Wosar can help again.

Editors' Recommendations

Don't Miss

These are the best indie games you can get on PC right now
Up Next

The storm of Oculus Rift pre-order controversy continues with further delays
awesome tech you cant buy yet obsbot camera feat
Emerging Tech

Awesome Tech You Can’t Buy Yet: camera with A.I. director, robot arm assistant

Check out our roundup of the best new crowdfunding projects and product announcements that hit the web this week. You may not be able to buy this stuff yet, but it sure is fun to gawk!
Posted By Drew Prindle
qualcomm
Business

Apple banned from distributing some iPhone models in Germany

Apple is following the FTC's lead and has sued Qualcomm for a massive $1 billion in the U.S., $145 million in China, and also in the U.K., claiming the company charged onerous royalties for its patented tech.
Posted By Mark Jansen, Georgina Torbet
CES 2019
Emerging Tech

CES 2019 recap: All the trends, products, and gadgets you missed

CES 2019 didn’t just give us a taste of the future, it offered a five-course meal. From 8K and Micro LED televisions to smart toilets, the show delivered with all the amazing gadgetry you could ask for. Here’s a look at all the big…
Posted By Jeremy Kaplan
Yamaha Power Tuner App Motorcycle Phone Tool
Emerging Tech

Yamaha’s new app lets you tune your motorcycle with a smartphone

It used to be that if you wanted to tune your motorcycle’s engine and tweak its performance, you needed specialized tools and even more specialized knowledge. Yamaha’s new Power Tuner app changes that.
Posted By Mitchell Nicholson
amd ceo lisa su ces 2019 radeon vii
Computing

You could be gaming on AMD’s Navi graphics card before the end of the summer

If you're waiting for a new graphics card from AMD that doesn't cost $700, you may have to wait for Navi. But that card may not be far away, with new rumors suggesting we could see a July launch.
Posted By Jon Martindale
AMD Ryzen 5 2400G & Ryzen 3 2200G Review fan
Computing

Is AMD's Navi back on track for 2019? Here's everything you need to know

With a reported launch in 2019, AMD is focusing on the mid-range market with its next-generation Navi GPU. Billed as a successor to Polaris, Navi promises to deliver better performance to consoles, like Sony's PlayStation 5.
Posted By Chuong Nguyen
Microsoft office building
Computing

Cortana wants to be friends with Alexa and Google Assistant

Microsoft no longer wants to compete against Amazon's Alexa and Google's Assistant in the digital assistant space. Instead, it wants to transform Cortana into a skill that can be integrated into other digital assistants.
Posted By Chuong Nguyen
windows 10 october update
Computing

Microsoft leans on A.I. to resume safe delivery of Windows 10 Update

Microsoft is leaning on artificial intelligence as it resumes the automatic rollout of the Windows 10 October 2018 Update. You should start seeing the update soon now that Microsoft has resolved problems with the initial software.
Posted By Chuong Nguyen
Macbook Air (2018) Review
Computing

Stop dragging windows on your Mac. Here's how to use Split View to multitask

The latest iterations of MacOS offer a native Split View feature that can automatically divide screen space between two applications. Here's how to use Split View on a Mac, adjust it as needed, and how it can help out.
Posted By Tyler Lacoma
hashflare cloud mining and bitcoin regulation crypto coin farm
Computing

It's not all free money. Here's what to know before you try to mine Bitcoin

Mining Bitcoin today is harder than it used to be, but if you have enough time, money, and cheap electricity, you can still turn a profit. Here's how to get started mining Bitcoin at home and in the cloud.
Posted By Jon Martindale
free drawing software
Computing

Need a free alternative to Adobe Illustrator? Here are our favorites

Photoshop and other commercial tools can be expensive, but drawing software doesn't need to be. This list of the best free drawing software is just as powerful as some of the more expensive offerings.
Posted By Kevin Parrish
Qualcomm 5G at CES 2019
Computing

What is fixed wireless 5G? Here’s everything you need to know

Here's fixed wireless 5G explained! Learn what you need to know about this effective new wireless technology, when it's available, how much it costs, and more. If you're thinking about 5G, this guide can help!
Posted By Tyler Lacoma
how to extend wi fi range with another router wrt1900acs position location direction improve signal
Computing

Fix those internet dead zones by turning an old router into a Wi-Fi repeater

Is there a Wi-Fi dead zone in your home or office? A Wi-Fi repeater can help. Don't buy a new one, though. Here is how to extend Wi-Fi range with another router you have lying around.
Posted By Jon Martindale
logitech mx vertical 4
Computing

Heal your wrist aches and pains with one of these top ergonomic mice

If you have a growing ache in your wrist, it might be worth considering ergonomic mice alternatives. But which is the best ergonomic mouse for you? One of these could be the ticket to the right purchase for you.
Posted By Jon Martindale