After an analysis of the encryption routine of the malware used in the Petya/ExPetr attacks, we have thought that the threat actor cannot decrypt victims’ disk, even if a payment was made.

https://securelist.com/expetrpetyanotpetya-is-a-wiper-not-ransomware/78902/