A hacking group linked to the worldwide ransomware attack last week has finally come forward to make its first public statement. In it they¡¯ve, of course, demanded a boatload of money to unlock the systems encrypted by their malware.
Spotted first by Motherboard, the group behind NotPetya (aka GoldenEye) posted a ransom note on the dark web on Tuesday, demanding 100 Bitcoins, roughly $256,000, to obtain their private decryption key. With it, one would be able to unlock any files encrypted by the ransomware.
NotPetya overwhelmed a number of major corporations in Europe last week, as well as essential government services, specifically in the Ukraine, including the country¡¯s electrical grid and transport systems. Considering the net worth of some of the companies affected, the relatively paltry amount being demanded comes as something of a surprise, though not to everyone.?
The thing is, security researchers believe NotPetya wasn¡¯t your everyday ransomware, no matter how potent. Instead, they theorise that the encryption of files was just a cover-up for a cyber attack on Ukrainian services.?
So far, Forbes has managed to prove that the decryption key works, though it will only unlock certain files and not your whole hard drive. That means that, though you may pay the exorbitant amount, you¡¯ll only be able to extract the files you need, but not use that device.
It¡¯s still unclear if any individuals or organisations have yet taken up the hackers on their offer, though no Bitcoin transactions of that size have been noted. In the meantime, the attackers have already shifted the over $10,000 previously in that particular Bitcoin wallet (from payments made last week) to another wallet, likely on its way to a Bitcoin laundering service.