Until now.
Researchers from FireEye and Fox-IT have managed to recover the private encryption keys used by CryptoLocker’s authors, as well as reverse-engineer the code powering the malware itself—meaning the firms can unlock your files. And while they could no doubt make a pretty penny selling that service to victims at a price far less than CryptoLocker’s $300 Bitcoin ransom, the security firms are taking the high road, and providing the private key details for free via the just-launched Decrypt CryptoLocker website.
FIREEYEThe process couldn’t be easier: Simply send the site one of the CryptoLocker-encrypted files on your PC, along with an email address. It’ll scan the file to figure out the encryption specifics, then send you a recovery program and master key that can be used to rescue your ransomed data.
FireEye warns that some data might not be recoverable, particularly if you’ve been infected by a CryptoLocker variant rather than CryptoLocker itself.
BBC reports that 500,000 people fell victim to CryptoLocker, with 1.3 percent forking over cash to free their files. In other words, the malware earned its makers around $3 million before the criminal network was smashed by authorities and security researchers in May.
Variants are still scuttling around the web, however. Beyond using security software and safe browsing practices, the best offense against ransomware is a strong defense. Making regular backups will let you easily recover your data if your PC ever falls prey to an encryption-based attack.
source: pcworld
