CryptoLocker Encryption Cracked. How To Get Your Files Back.


Over the past few months, one of the most dangerous viruses affecting computers has been CryptoLocker. Once infected, the virus encrypts all of the document files on your PC, and then demands payment (usually by Bitcoin) in order to divulge the necessary decryption key. While it's possible to remove the virus with standard antivirus software, and thus stop the infection spreading any further, the encrypted files remained encrypted.

Until now.

It turns out that some of the key servers used by the CryptoLocker scammers had been intercepted by the authorities, and they managed to capture enough information to allow them to decrypt the documents of anyone whose computer had been affected.

So, if your PC was affected by CryptoLocker, or you know someone whose machine was, head to https://www.decryptcryptolocker.com/ and upload one of your encrypted files. This will allow the site to determine the code for unlocking all of the files on the affected PC. Full details are on the site.

Although I haven't tested this service, as I was lucky enough to escape being infected by Cryptolocker, I know of one acquaintance who tried it with complete success.  Also, the unlocking service is provided by 2 reputable security companies.

 

 


Comments

Is this compatible with Windows 7 Ultimate 64-bit?

OK. Here comes my conspiracy theory. The 'authorities' have the keys to unlock your files? How convenient is that????

Please think before asking :)

The fact that a "cure" for this evil malware is available is really good news, whether or not any particular individual was affected. Now, we can discuss how, when, where, etc., at our leisure. Thanks for sharing this CRITICAL bit of info, Rob.

How does one get infected, dodgy email attachment or dodgy web link?

So far, so good. Still, the question stands, why get infected in the first place? Do not the folks who lack judgment simply ask for being blackmailed? "Lucky" does not quite cut it, methinks.

How does cryptolocker play with VMs? Is it able to bridge between a physical machine and a VM?

So? Will this be the end of it? Or will the creators simply come up with a newer, not-yet-broken code? How does it work?

Good news for those hit with it- nasty business, that...

Cheers

No, that's not the end of it. FireEye and others got lucky in that they were able to grab a copy of the cryptolocker database.

Look at CryptoLocker as V1 of a "product" that's only going to get better and better, both in the delivery techniques (which will likely continue to rely on social engineering) and in the encryption process. Decryption (without the DB) is all but impossible without quantum computing, and will become even more "impossibler" with longer keys.

There are enough people with inadequate controls and inadequate backups to keep these crime syndicates rolling in dough for a long time to come...

Well, I figured the best way for me to stay safe is to do all of my "important" work on my Linux Mint desktop & keep my two portable HDD's backed up (then unplugged), plus two additional copies--> one to a local mediahub, the other to a networked, RAID server also running Linux & password protected.

If that all fails, I'd say I wasn't meant to have that data- lol...

Cheers

This mimics my approach too, Geekomatic. I now use Linux for everything unless I am testing Windows apps. I trust nothing to the cloud and back up my main machine to an external HDD, a second desktop, and a laptop which spends most of its time in another location. If all this fails and I lose everything, I can cry for a while and then start again. :) MC - Site Manager.

I've never been impressed with online back-up: You trust your data to strangers & then hope they don't go belly-up (or are compromised or etc), you must have an internet connection to reach your data, & you must pay to hold any real amount of data. No thanks.

I feel like it's just another sales pitch for something I don't need. While I can appreciate maybe storing a travel itinerary or perhaps passport, licence, etc (zipped & PW-protected), on something like Skydrive...beyond that, I don't see the allure for the average residential user. External storage is just so cheap now.

Anyway, that's imho. Everyone has their own idea.

Cheers

If your backup drive is sitting next to your computer it is sufficient if the primary computer HD crashes or has an unrecoverable virus. But it certainly ain't good enough for disasters such as fires. External backups are fine if combined with an offsite plan, but most people don't do this. That's one major advantage of cloud backup.

@zdub

I get what you're saying, but if said person can't make a back-up & keep it safe locally-- the odds are worse of them doing it via cloud.

In fact, having worked with a LOT of people, various ages, I can tell you truthfully that even automated backups (not even speaking of cloud & that extra level of complexity for most non-techies) are beyond them. I've gone to many, many places to find the "backups" they thought were happening-- well, weren't. I spend a lot of time being incredulous- lol.

So, I record their screen & do a video of an easy backup routine: it's open explorer, plug in external drive, see which drive letter it is (which already has folder we made for year + subs for each month). Go to their user folder, copy the folders they want, paste them into the correct month's folder on the external drive. Unplug drive. Done.

If they have two external drives (which I encourage) copy the backed up folder from one HDD to the other & then unplug both. After three months, you can delete the oldest if you wish to save space- but most of the people only bother backing up photos & documents so not much space is taken. I know you can do incremental- but doing it this way saves them from having to deal with the dialogue boxes which would pop up RE: duplicates & overwriting. Each backup is whole & uncompressed. I do advise they keep a 3rd external HDD offsite- with a friend or relative nearby. That covers fire.

Obviously, there are exceptions to this method-- as well as 100+ ways to do things. All I can say is that this way is well-received because it "makes sense" to the majority. Having the little video to refer to helps, as well.

Cheers
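
The routine described in the comment above (year and month folders on the external drive, whole uncompressed copies, a copy to a second drive, pruning after three months), written as a script. This is an added example, not part of the original article or comments; the function names and `KEEP_MONTHS` are assumptions, and the drive paths are whatever the external drives mount as.

```python
import shutil
from datetime import date
from pathlib import Path

KEEP_MONTHS = 3  # assumption: keep the newest three monthly copies


def month_index(year: int, month: int) -> int:
    """Months since year 0, so ages compare correctly across a year boundary."""
    return year * 12 + (month - 1)


def snapshot(sources, drive_root: Path, today: date) -> Path:
    """Copy each source folder, whole and uncompressed, into <drive>/<YYYY>/<MM>/."""
    dest = drive_root / f"{today.year:04d}" / f"{today.month:02d}"
    dest.mkdir(parents=True, exist_ok=True)
    for src in map(Path, sources):
        target = dest / src.name
        if target.exists():
            # Never merge into or overwrite an earlier copy: if the files were
            # encrypted since, the last good version would be destroyed.
            raise FileExistsError(f"{target} already exists; not overwriting")
        shutil.copytree(src, target)
    return dest


def prune(drive_root: Path, today: date, keep: int = KEEP_MONTHS) -> list:
    """Delete month folders older than the newest `keep` months; return them."""
    cutoff = month_index(today.year, today.month) - (keep - 1)
    removed = []
    for month_dir in sorted(drive_root.glob("[0-9][0-9][0-9][0-9]/[0-9][0-9]")):
        if not month_dir.is_dir():
            continue
        if month_index(int(month_dir.parent.name), int(month_dir.name)) < cutoff:
            shutil.rmtree(month_dir)
            removed.append(month_dir)
    return removed


def mirror(snapshot_dir: Path, drive_root: Path, second_root: Path) -> Path:
    """Copy a finished month folder to the same relative path on a second drive."""
    target = second_root / snapshot_dir.relative_to(drive_root)
    shutil.copytree(snapshot_dir, target)  # fails if the copy already exists
    return target
```

Run `snapshot` and `mirror` with the drives plugged in, then unplug both; a drive that stays attached is reachable by anything that encrypts the PC's files.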