Sebastian Eschweiler
Full Decryption of Systems Encrypted by Petya/NotPetya
As demonstrated in the previous blog post about decryption of Petya/NotPetya, almost the complete Master File Table (MFT) can be decrypted. In this post, we describe our approach to collect more keyst[…]
Decrypting NotPetya/Petya: Tools for Recovering Your MFT After an Attack
Making the world a better place has always been a core goal of CrowdStrike. In this blog post, we are making our findings, and tools, for decrypting NotPetya/Petya available to the general public. Wit[…]