Reference Russian hack of Ukraine.....
New: the hackers linked to #NotPetya ransomware decrypted a file for us, proving they can unlock at least some files
https://motherboard.vice.com/en_us/a...-decrypt-file#
BUT still largely unable to decrypt all files that it encrypted....
They still sidestep why they wiped the MBF on a large number of computers which is viewed as a destructive attack and why they are saying they will return all ransom payments when they did not make much to begin with....
IMHO they are trying to act like an beginner hack not a state sponsored attack....KEY the deliberate MBF wipe and the use of LSADump to record passwords and domain servers...and then the exfil of that data...for future hacking use.....NOR using a backdoor installed on a key updated software product.....
Bookmarks