IT: Whitehats recover, release keys to CryptoLocker ransomware

[hufnagel]

Through a partnership that included researchers from FOX-IT and FireEye, researchers managed to recover the private encryption keys that CryptoLocker uses to lock victims' personal computer files until they pay a $300 ransom. They also reverse engineered the binary code at the heart of the malicious program. The result: a website that allows victims to recover the key for their individual content.

To use the free service, victims must upload one of the files encrypted by CryptoLocker along with the e-mail address where they want the secret key delivered. Both FOX-IT and FireEye are reputable security companies, but readers are nonetheless advised to upload only non-sensitive files that contain no personal information.

http://arstechnica.com/security/2014...er-ransomware/
https://www.decryptcryptolocker.com/

In case anyone knows anyone who got bit by CryptoLocker. This is good news, and a "well done" to the people who created this fix.

[LHS]

http://arstechnica.com/security/2014...er-ransomware/
https://www.decryptcryptolocker.com/

In case anyone knows anyone who got bit by CryptoLocker. This is good news, and a "well done" to the people who created this fix.

I'd really like to see this kind of malware punishable by death.

[Chuck Haggard]

I'd really like to see this kind of malware punishable by death.

Indeed. I think a for-real secret .mil unit that fast-ropes into the kitten head's house and whacks him while he is on the computer in his mom's basement would be ideal. Word would get around quickly

[LHS]

Indeed. I think a for-real secret .mil unit that fast-ropes into the kitten head's house and whacks him while he is on the computer in his mom's basement would be ideal. Word would get around quickly

The problem is that most of it's tied in with organized crime, either in Eastern Europe or China, rather than a lone hacker in a basement.

[hufnagel]

Exactly. CryptoLocker wasn't some script kiddie in his mother's basement feasting on Cheetos and Red Bull. It was a well developed and coordinated attack to fleece the sheeple of their money.



I'm thinking a MOAB is the correct response.

[SeriousStudent]

FireEye is good people, I'm not surprised they did this.

[Sensei]

http://arstechnica.com/security/2014...er-ransomware/
https://www.decryptcryptolocker.com/

In case anyone knows anyone who got bit by CryptoLocker. This is good news, and a "well done" to the people who created this fix.

Thanks for the heads up. On a related note, my employer is making us change all of our passwords due to the theft of some 1.2 billion passwords by a similar Russian crime syndicate. I've also changed my bank accounts and other sensitive websites just to be pro-active.

[Chuck Haggard]

The problem is that most of it's tied in with organized crime, either in Eastern Europe or China, rather than a lone hacker in a basement.

Them too.

[JackRock]

This is good news to me, as I'm in the Networking & Security field. Thankfully, our computers haven't yet been hit by the Cryptolocker virus, a few of our users have had personal computers that were. Since they seem to loathe backups, they were screwed. Now, while I don't do personal computers on company time (or for free), I can at least show them these links and give them the opportunity to recover some files themselves.

[hufnagel]

I figured posting about this here would hit some appropriate eyeballs. What is it about IT people and guns I don't know, but it's a pretty prevalent correlation.