A quickie, but a really happy one for some!
You all remember CryptoLocker…the ransomware that encrypts all your files and only after paying do you get them back (maybe)? Well, while it's possible to remove the virus with standard antivirus software, and thus stop the infection spreading any further, the encrypted files remained encrypted.
Well, have I got great news for you! Turns out that some of the key servers used by the Cryptolocker scammers had been intercepted by the authorities, and they managed to capture enough information to allow them to decrypt the documents of anyone whose computer had been affected.
Go here:
You’ll see this:
“Please provide your email address [1] and an encrypted file [2] that has been encrypted by CryptoLocker.
This portal will then email you a master decryption key along with a download link to our recovery program that can be used together with the master decryption key to repair all encrypted files on your system.
Please note that each infected system will require its own unique master decryption key. So in case you have multiple systems compromised by CryptoLocker, you will need to repeat this procedure per compromised system.
Notes:
[1] Email addresses will not be used for marketing purposes, nor will they be in any way stored by FireEye or Fox‑IT.
[2] You should only upload encrypted files that do not contain any sensitive or personally identifiable information.”
Also, a captcha image…just do as it says.
Hope this helps!!! And a big thanks to the authorities and to FireEye and Fox It.