1 min read

Presumed GoldenEye hackers surface online demanding $260,000 for decryption keys

Filip TRUȚĂ

July 06, 2017

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Presumed GoldenEye hackers surface online demanding $260,000 for decryption keys

The hackers behind the GoldenEye/Petya ransomware gave the first signs of life since the outbreak by posting new ransom demands, along with a signature for the malware’s private key, as evidence that they are the ones behind the June 27 attack. Their new demands? 100 Bitcoins worth $258,000.

Around 10 PM (UTC) yesterday, the roughly $10,000 in the bitcoin wallet associated with GoldenEye was moved to a different wallet. Two small donations were also made to the bitcoin wallets of Pastebin and DeepPaste, sites hackers use to make anonymous announcements.

According to separate sources who verified the identity of the authors, the hackers” new demand is now 100 BTC in exchange for the decryption key to unlock files encrypted by the GoldenEye/Petya ransomware.

In an interview conducted on a Dark Web chatroom with the presumed hackers, the guys at Motherboard learned that the demand was so steep because the key was allegedly capable of decrypting “all computers” infected with GoldenEye/Petya. The key, however, would not decrypt entire hard drives, as the ransomware used a separate key for entire-volume encryption, to prevent infected systems from booting their OS.

Experts believe the 100 Bitcoin demand is an attempt at further confusing the media, and cybersecurity firms, deflecting attention from what is believed to be a state-sponsored attack.

The consensus among security researchers is that GoldenEye/Petya was merely “dressed up” as ransomware, when the real purpose was to wipe data and cause havoc.

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Meta Pays Out Bounties for Account Takeover and Two-Factor Authentication Bypass Exploits Meta Pays Out Bounties for Account Takeover and Two-Factor Authentication Bypass Exploits
Silviu STAHIE

January 31, 2023

1 min read
Hackers steal 10 million customer details from JD Sports Hackers steal 10 million customer details from JD Sports
Graham CLULEY

January 30, 2023

2 min read
North Korean Hackers Tried to Launder $100 Million in Crypto Stolen in 2022 North Korean Hackers Tried to Launder $100 Million in Crypto Stolen in 2022
Silviu STAHIE

January 25, 2023

1 min read