Send bitcoins useless: the author Petya blocked the mailbox

The German mail provider Posteo has closed the mailbox of wowsmith123456@posteo.net hacker responsible for the virus epidemic of the Petya / PetrWrap cryptographer. Since yesterday, the virus has infected thousands of computers in enterprises and private users in Ukraine, Russia, Poland, Italy, Germany, Belarus (countries are listed in the order of decreasing the number of infections ) and other countries. Thus, the victim, even sending the requested amount in bitcoins, will not be able to inform the hacker about this - and will not be able to get the key from him.

“We do not tolerate abuses of our platform: immediate blocking of mail accounts with abuses is a necessary measure on the part of providers in such cases,” said Posteo.
')
According to the instructions of the cryptographer, the victim must send bitcoins worth about $ 300 to the specified address 1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX and inform the author by e-mail your wallet ID and “personal installation key”. Now it is impossible to contact him.

The message of the cryptographer also states that there is no other way to recover encrypted files, except for buying a key: “Do not waste your time. No one can recover your files without our decryption service. ” Kaspersky Lab experts agree with this assessment : it will not be possible to decrypt the AES-128 cipher yourself, unless an encryption scheme is made.

Apparently, a unique installation key is generated for each victim. This allows the author to issue a personal key to decrypt files. At the moment, the ransom paid 41 victims in the total amount of 3.75188571 BTC ($ 9442).

Not all security experts approve of this decision of the German postal provider: “Idiots ... Blocking mail will not stop the infection, but the victims are now guaranteed not to get their files back, even if they wanted to pay,” the MalwareHunterTeam anti-virus group tweeted.


Although the aggressive actions of the German postal provider will not make life easier for the unfortunate victims of the infection, this seems to be a necessary approach to prevent similar crimes in the future. Criminals should know that their email addresses will be blocked and they will not receive the money anyway.

To prevent your computer from being infected with a Petya cryptographer, you should install a patch covering the MS17-010 vulnerability in Windows and create a file C: \ Windows \ perfc with a read-only attribute ( links to the patch ).