Jump to content

Recommended Posts

Posted

All 500,000 victims of Cryptolocker can now recover files encrypted by the malware without paying a ransom.

 

The malicious program encrypted files on Windows computers and demanded a substantial fee before handing over the key to the scrambled files.

 

Thanks to security experts, an online portal has been created where victims can get the key for free.

 

The portal was created after security researchers grabbed a copy of Cryptolocker's database of victims.

 

"This time we basically got lucky," said Michael Sandee, principal analyst at Fox-IT - one of the security firms which helped tackle the cyber-crime group behind Cryptolocker.

 

Cash call

 

In late May, law enforcement agencies and security companies seized a worldwide network of hijacked home computers that was being used to spread both Cryptolocker and another strain of malware known as Gameover Zeus.

 

This concerted action seems to have prompted an attempt by the gang to ensure one copy of their database of victims did not fall into police hands, said Mr Sandee.

 

What the criminals did not know, he said, was that police forces and security firms were already in control of part of the network and were able to grab the data as it was being sent.

 

Those infected were initially presented with a demand for $400 (£237), 400 euros ($535; £317) or an equivalent amount in the virtual Bitcoin currency. Victims had 72 hours to pay up or face the keys that would unlock their files being destroyed.

 

Analysis of the back-up database indicates that only 1.3% of all the people hit by the malware paid the ransom.

 

Despite the low response rate, the gang is believed to have netted about $3m from Cryptolocker. Many of those caught out did not pay because they were able to restore files from back-ups.

 

However, others are believed to have lost huge amounts of important files and business documents to the cyber-thieves.

 

Now, security firms Fox-IT and FireEye - which aided the effort to shut down the Gameover Zeus group - have created a portal, called Decrypt Cryptolocker, via which any of the 500,000 victims can find out the key to unlock their files.

 

"All they have to do is submit a file that's been encrypted from that we can figure out which encryption key was used," said Greg Day, chief technology officer at FireEye.

 

Mr Day said people wishing to use the portal should submit a file that did not contain sensitive information to help it verify which key they needed.

 

 

Source and full article:

http://www.bbc.co.uk/news/technology-28661463

76c90dd0e79a714317a8daeecc1584d2.png

  • FPCH Admin
Posted
I wonder how many people actually paid the ransom. One guy at work got infected. He asked me what to do and I told him if the files aren't important don't pay it and just format and install clean. If they are of value to you I told him to pay the ransom.
Posted
I wonder how many people actually paid the ransom.

A quick rough estimate would be about 6.500

Based on '1.3% of all the people hit by the malware paid the ransom' and 'any of the 500,000 victims'.

 

But i bet a lot of those were business's that didn't have adequate backups.... and needed to pay.

76c90dd0e79a714317a8daeecc1584d2.png

Posted

You would be right Pete as it never ceases to amaze me how few people even really care about backups of anything. For home users its priceless pictures and Tax records and for businesses well its everything.

 

A few years back I had a legal office that was using an eMachine I would say that was about 7 years old to host all its files. I sold them a fairly new HP mini tower and tried to get him to at least move the files to that pc but he didn't own a pc and really knew nothing about them. He was awful to work for so his employees never stayed long and every new legal secretary would ask me to give them a backup plan to push on him and he would never budge.

Then one day I get a call from one of the para legals that the main pc was down and they wanted bids for a server and 4 new desktops. I learned when I went in that it had cost him nearly $5000 to get back all his priceless legal documents.

 

I knew I was bidding against Dell and I made sure I was substantially higher because I didn't want the job. Another lawyer upstairs who rented space from the main firm asked me why my bid was so high because he couldn't believe what my bid was that had been shared with him at lunch one day. I told him the same thing between him being unwilling to spend anything until he had to and how slow a payer he was, I didn't want the sale.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...