The CryptoLocker ransomware is as simple as it is devastating: Once it worms its way onto your system, it encrypts all of your precious files using strong AES-256-bit cryptography, which is virtually impossible to break if you dont know the private key (read: secret code) required to unlock it. Pay the attackers $300, and theyll give you the key. Dont pay, and your files stay scrambled forever. <\/p>\n
Until now. <\/p>\n
Researchers from FireEye and Fox-IT have managed to recover the private encryption keys used by CryptoLockers authors, as well as reverse-engineer the code powering the malware itselfmeaning the firms can unlock your files. And while they could no doubt make a pretty penny selling that service to victims at a price far less than CryptoLockers $300 Bitcoin ransom, the security firms are taking the high road, and providing the private key details for free via the just-launched Decrypt CryptoLocker website. <\/p>\n
Screenshot of a PC infected with CryptoLocker. <\/p>\n
The process couldnt be easier: Simply send the site one of the CryptoLocker-encrypted files on your PC, along with an email address. Itll scan the file to figure out the encryption specifics, then send you a recovery program and master key that can be used to rescue your ransomed data. <\/p>\n
FireEye warns that some data might not be recoverable, particularly if youve been infected by a CryptoLocker variant rather than CryptoLocker itself. <\/p>\n
BBC reports that 500,000 people fell victim to CryptoLocker, with 1.3 percent forking over cash to free their files. In other words, the malware earned its makers around $3 million before the criminal network was smashed by authorities and security researchers in May. <\/p>\n
Variants are still scuttling around the web, however. Beyond usingsecurity software and safe browsing practices, the best offense against ransomware is a strong defense. Making regular backups will let you easily recover your data if your PC ever falls prey to an encryption-based attack. <\/p>\n
<\/p>\n