CryptoLocker decrypted: Researchers reveal website that frees your files from ransomware

The CryptoLocker ransomware is as simple as it is devastating: Once it worms its way onto your system, it encrypts all of your precious files using strong AES-256-bit cryptography, which is virtually impossible to break if you dont know the private key (read: secret code) required to unlock it. Pay the attackers $300, and theyll give you the key. Dont pay, and your files stay scrambled forever.

Until now.

Researchers from FireEye and Fox-IT have managed to recover the private encryption keys used by CryptoLockers authors, as well as reverse-engineer the code powering the malware itselfmeaning the firms can unlock your files. And while they could no doubt make a pretty penny selling that service to victims at a price far less than CryptoLockers $300 Bitcoin ransom, the security firms are taking the high road, and providing the private key details for free via the just-launched Decrypt CryptoLocker website.

Screenshot of a PC infected with CryptoLocker.

The process couldnt be easier: Simply send the site one of the CryptoLocker-encrypted files on your PC, along with an email address. Itll scan the file to figure out the encryption specifics, then send you a recovery program and master key that can be used to rescue your ransomed data.

FireEye warns that some data might not be recoverable, particularly if youve been infected by a CryptoLocker variant rather than CryptoLocker itself.

BBC reports that 500,000 people fell victim to CryptoLocker, with 1.3 percent forking over cash to free their files. In other words, the malware earned its makers around $3 million before the criminal network was smashed by authorities and security researchers in May.

Variants are still scuttling around the web, however. Beyond usingsecurity software and safe browsing practices, the best offense against ransomware is a strong defense. Making regular backups will let you easily recover your data if your PC ever falls prey to an encryption-based attack.

Continued here:
CryptoLocker decrypted: Researchers reveal website that frees your files from ransomware