The tyranny of CryptoLocker has ended, or at least paused.

Ding dong the witch is dead:

FireEye and Fox-IT have partnered to provide free keys designed to unlock systems infected by CryptoLocker.

CryptoLocker screenshotIf you have been infected by the CryptoLocker ransomware and all your files have been encrypted without your consent, go to FireEye and Fox-IT’s decryptcryptolocker website post haste. These noble folks seem to have located the CryptoLocker servers that store the unique private keys (called “master decryption keys”) for infected systems and will allow you to decrypt your encrypted files . . . gratis!

I warned about CryptoLocker when it first appeared in the fall of 2013. It is a very malicious piece of work.

I applaud FireEye and Fox-IT. I’m not sure how they were able to locate the CryptoLocker servers. (New randomly-named servers were created every day.) Also, it seems that CryptoLocker’s claim that the private keys would be destroyed after several days wasn’t true, since FireEye and Fox-IT appear to have found the keys intact on one or more CryptoLocker servers. In any case, FireEye and Fox-IT deserve a big round of applause.

The Register published a good article about decryptolocker and its background. According to their article, my celebration may be premature:

Hopes that this takedown would kill off CryptoLocker have been dashed. CryptoLocker has evolved and once again started to compromise user devices, FireEye warns.

Lions and tigers and bears! Oh my!

Visit my website: http://russbellew.com
© Russ Bellew · Fort Lauderdale, Florida, USA · phone 954 873-4695

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s