Petya Ran­somware Hack­ers Locked Out of Their Email Account


A widespread ransomware attack dubbed Petya/Petrwrap, bearing close resemblance to the WannaCry attacks earlier this month had hit devices in Spain, France, Ukraine, Russia and a few other countries on Tuesday and now the victims of the attack have been locked out of their devices because the hacker’s email account has been blocked.

Shutterstock 313805942

The hacker behind the attack had an account on German email service Posteo, which has been disabled by the company.

Doing so, they’ve locked out the victims of the attack from retrieving their data as now the victims who’ve paid out won’t be able to receive the decryption key.

“We became aware that ransomware blackmailers are currently using a Posteo address as a means of contact. Out anti-abuse team checked this immediately and blocked the account straight away,” the email company stated.

$300 worth of ransom in Bitcoin was demanded from the victims in order to purchase the decryption key.

Although initial reports indicated that the malware strain had a close resemblance to the Petya ransomware, security experts at Avira and Symantec confirmed that the malware used the same EternalBlue exploit leaked by Shadow Brokers and used in the WannaCry ransomware attack.

“We do not tolerate the misuse of our platform. The immediate blocking of misused email accounts is the necessary approach by providers in such cases,” Posteo added.

Since Posteo blocked the hacker’s accounts, they will no longer be able to access their email account or send and receive any emails.

This means that until and unless a decryption software to match the malware strain is developed or the company restores the hacker’s access, the victims and their data is left stranded.

The move has been criticised by a number of people since it not only affects the hackers, but also the victims in question in a number of countries in Europe.

The above article may contain affiliate links which help support Guiding Tech. However, it does not affect our editorial integrity. The content remains unbiased and authentic.

Also See
#malware #ransomware

Join the newsletter


Written By


Bike enthusiast, traveller, ManUtd follower, army brat, word-smith; Delhi University, Asian College of Journalism, Cardiff University alumnus; a journalist breathing tech these days.