Saturday, August 16, 2014

Free Way to Decrypt the Files From Some Drives That Have Been Encrypted With CryptoLocker

http://www.makeuseof.com/tag/cryptolocker-dead-heres-can-get-files-back/
"...After Kyrus Technologies reverse engineered CryptoLocker, the next thing they did was to develop a decryption engine.
Files encrypted with the CryptoLocker malware follow a specific format. Each encrypted file is done with an AES-256 key that is unique to that particular file. This encryption key is then subsequently encrypted with a public/private key pair, using a stronger near-impervious RSA-2048 algorithm.
The public key generated is unique to your computer, not the encrypted file. This information, in conjunction with an understanding of the file format used to store encrypted files meant that Kyrus Technologies were able to create an effective decryption tool.
But there was one problem. Although there was a tool to decrypt files, it was useless without the private encryption keys. As a result, the only way to unlock a file encrypted with CryptoLocker was with the private key.
Thankfully, FireEye and Fox-IT has acquired a significant proportion of the Cryptolocker private keys. Details about how they managed this are thin on the ground; they simply say they got them through ‘various partnerships and reverse engineering engagements’.
This library of private keys and the decryption program created by Kyrus Technologies means that victims of CryptoLocker now have a way to get their files back, and at no cost to them. But how do you use it?..."
Here is the site that let's you do the decrypting: http://decryptcryptolocker.com.

1 comment:

Amit sharma said...

verey nice blog and other information in my siterecoveryourpassword.

Removing a Bios - CMOS Password - Free Article

http://www.dewassoc.com/support/bios/bios_password.htm "Unfortunately, access to computers can, at times, be blocked for all of t...