Victims of the ransomware cryptolocker can now get their files back for free, thanks to the work of security experts.
The deadly malware, which was discovered last year, was controlled by the same servers that hosted Gameover Zeus.
These were taken down by an international law enforcement effort in May 2014, although the alleged mastermind - Russian Evgeniy Mikhailovich Bogachev - is still at large (see his FBI ‘Wanted’ poster at http://www.fbi.gov/wanted/cyber/evgeniy-mikhailovich-bogachev).
In the past eight months CryptoLocker infected some 500,000 Windows computers, encrypting users’ files and demanding an average of 5300 (£178) to release them. It’s been estimated that the criminals had managed to extort at least 41,928 Bitcoins from victims - equivalent at the time to about $27 million in the first three months of its operation.
Until now, users have had to pay up to recover their files. But researchers at security companies FireEye and Fox-IT have launched the Decrypt CryptoLocker website (www.decryptcryptolocker.com), where victims can unlock their files.
They will need to enter their email address and upload one of the affected files. They will then receive a master decryption key, plus a download link to the recovery program, and be able to decrypt the remaining files.
The website was created after security researchers obtained a copy of CryptoLocker’s database of victims.
In the past eight months CryptoLocker infected some 500,000 Windows computers, encrypting users’ files and demanding an average of 5300 (£178) to release them. It’s been estimated that the criminals had managed to extort at least 41,928 Bitcoins from victims - equivalent at the time to about $27 million in the first three months of its operation.
Until now, users have had to pay up to recover their files. But researchers at security companies FireEye and Fox-IT have launched the Decrypt CryptoLocker website (www.decryptcryptolocker.com), where victims can unlock their files.
They will need to enter their email address and upload one of the affected files. They will then receive a master decryption key, plus a download link to the recovery program, and be able to decrypt the remaining files.
The website was created after security researchers obtained a copy of CryptoLocker’s database of victims.
No comments: