T
TheHybridPetyaAuthor
New Member
- Joined
- March 25, 2026
- Messages
- 1
- Reaction score
- 0
- Points
- 0
- Thread Author
- #1
HybridPetya is an advanced ransomware that can bypass UEFI Secure Boot and encrypt Master File Table of NTFS partitions using Salsa20.
Unlike most ransomwares that encrypt only files, HybridPetya targets the UEFI Bootloader and encrypts Master File Table on boot.
Unlike most ransomwares that use RSA 2048 or RSA 4096 for public key cryptography and BASE64, HybridPetya uses ECDH with SECP192K1 and BASE58 encoding.
Unlike most ransomwares that encrypt only files, HybridPetya targets the UEFI Bootloader and encrypts Master File Table on boot.
Unlike most ransomwares that use RSA 2048 or RSA 4096 for public key cryptography and BASE64, HybridPetya uses ECDH with SECP192K1 and BASE58 encoding.
