- Get link
- X
- Other Apps
CryptoLocker is a ransomware that is simple and devastating. Until now, computers affected by CryptoLocker were unusable unless you paid the required monetary payment.
What is CryptoLocker
We have already covered What is CryptoLocker above? In short, it is a ransom Trojan specifically designed to infect Windows operating system computers. Once a computer becomes infected, it encrypts all data on local storage, mapped network drives, and mounted removable drives using RSA 2048-bit public-key cryptography, rendering all files unusable. Unless you pay the ransom (300 USD or the equivalent in Bitcoins), you will not be able to recover your files.
Until now, there was no way to recover the data encrypted by CryptoLocker.
Thanks to researchers at Fox-IT and FireEye, who managed to recover the private encryption keys, and to Kyrus Technologies for building the actual decryption engine. Combining efforts, these security companies launched a website that can be used by CryptoLocker victims to decrypt their encrypted files for free.
Decrypt Infected Files From CryptoLocker
To decrypt your CryptoLocker infected files, simply head over to decryptcryptolocker.com. To find the decryption key, you need to submit a sample of your encrypted file and your email address so that the website can send you the decryption keys and the free program to decrypt the encrypted files. Don't worry, your email address will not be used for marketing purposes (depending on the website). Only upload files that do not have confidential information.
So go ahead, enter your email address, click the "Choose File" button, select a sample CryptoLocker encrypted file, enter the CAPTCHA code, and click the "Decrypt" button.
Once you have submitted the sample file, the file will be processed and the website will send you the decryption key (private key) along with a link to download the decryption program.
Once you have received the decryption key and decryption tool by email, launch the decryption tool, and use the following command to start decrypting your encrypted files.
Decryptolocker.exe -key »& gt.
Unfortunately, the tool provided doesn't automatically decrypt all the files on your PC, that is, you have to decrypt one file at a time unless you know how to automate things using Windows Powershell or batch scripts. You can find more information about CryptoLocker decryption on the FireEye website.
Conclusion
CryptoLocker is a nasty malware that preys on valuable user data. If you are infected by CryptoLocker, you can use the above service to recover your files. Also, make sure that you are using good antivirus software like Protegent360 Total Security to protect yourself from future attacks. Note that although this process (hopefully) works with CryptoLocker, it may not be able to decrypt files encrypted by CryptoLocker variants such as CryptoBit, CryptoDefense, etc.
Comments
Post a Comment