August 06, 2014, 9:24 PM — The CryptoLocker ransomware is as simple as it is devastating: Once it worms its way onto your system, it encrypts all of your precious files using strong AES-256-bit cryptography, which is virtually impossible to break if you don't know the private key (read: secret code) required to unlock it. Pay the attackers $300, and they'll give you the key. Don't pay, and your files stay scrambled forever.
Until now.
Researchers from FireEye and Fox-IT have managed to recover the private encryption keys used by CryptoLocker's authors, as well as reverse-engineer the code powering the malware itself--meaning the firms can unlock your files. And while they could no doubt make a pretty penny selling that service to victims at a price far less than CryptoLocker's $300 Bitcoin ransom, the security firms are taking the high road, and providing the private key details for free via the just-launched Decrypt CryptoLocker website.
The process couldn't be easier: Simply send the site one of the CryptoLocker-encrypted files on your PC, along with an email address. It'll scan the file to figure out the encryption specifics, then send you a recovery program and master key that can be used to rescue your ransomed data.
FireEye warns that some data might not be recoverable, particularly if you've been infected by a CryptoLocker variant rather than CryptoLocker itself.
BBC reports that 500,000 people fell victim to CryptoLocker, with 1.3% forking over cash to free their files. In other words, the malware earned its makers around $3 million before the criminal network was smashed by authorities and security researchers in May.
- See more at: file:///C:/Users/eddie/Downloads/CryptoLocker%20decrypted%20%20Researchers%20reveal%20website%20that%20frees%20your%20files%20from%20ransomware%20%20%20ITworld.htm#sthash.ltxICX8s.dpuf
