Cure for Petya engineered by anonymous security researcher

News by Tom Reeve

A cure for Petya ransomware has been invented by an unknown user who goes by the name of Leo Stone.

Stone has created an algorithm that takes as little as seven seconds to generate a password to unlock encrypted Petya ransomware files.

Leo Stone says on his Github page that he invented the algorithm after visiting his father in law at Easter. The poor man had apparently entered his admin password in response to an email from someone who had sent in their CV to apply for a job.

The tool works by analysing data from a specific section of the user's hard drive and then deploying a genetic algorithm to recover the key. Leo Stone says in some cases it can take up to 30 seconds to generate the key but prior to the implementation of the genetic algorithm, his “brute force” approach would have taken up to 80 days.

Lawrence Abrams at says to use the algorithm, it's best to visit Leo Stone's website to generate the key. You will need to extract 512 bytes of data from the affected hard drive at sector 55 (0x37h) with an offset of 0 and the eight-byte nonce from sector 54 (0x36) offset 33. Convert the data to Base64 and use the form on Leo Stone's website to complete the key recovery process.

Once you have the 16-character key, you can go to the Petya ransom screen and enter the password and wait for it to be decrypted.

Trend Micro issued a warning about Petya ransomware a couple of weeks ago.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews