Security Kaspersky Releases Free Decryption Keys for All CoinVault and Bitcryptor Ransomware Victims

[TNS213234]

Kaspersky Lab has published an additional 14,031 decryption keys that can be used to unlock personal files encrypted by the CoinVault and Bitcryptor ransomware.

Cyber-security vendors first observed CoinVault attacks in May 2014. Since then, this aggressive ransomware that heavily encrypts data files on infected computers has made over 1,500 victims in more than 108 countries.

As Kaspersky and other antivirus companies upgraded their detection tools, CoinVault's authors have also slowly updated their code, releasing Bitcryptor, as a second-generation CoinVault version.

Their campaigns, even if quite successful, have not managed to keep them safe from law enforcement agencies. Back in September, after a joint investigation between Kaspersky Lab, Panda Labs, and the Dutch Police, CoinVault's authors, two men from Amersfoort, Holland, were arrested by local law enforcement agencies.

After police had gained access to the cyber-crooks' infrastructure, Kaspersky Lab experts were able to extract all the remaining CoinVault and Bitcryptor decryption keys from the C&C server, and publish them on the noransom.kaspersky.com website.

Victims that had their computers infected by this ransomware, if they still have the encrypted data lying around on their PC, can go and download the decryption key (which they would have gotten only after paying the Bitcoin ransom to the attackers) and decrypt their files.

This may be just a little bit too late for some users, who tend to delete ransomware-encrypted files since they become useless and just take up hard drive space.

Source : http://news.softpedia.com/news/kaspersky-releases-free-decryption-keys-for-all-coinvault-and-bitcryptor-ransomware-victims-495493.shtml

[Sylence]

Kaspersky, the most active anti-malware company in the world -_-

[vissha]

Free Ransomware Decryption Tool — CoinVault and Bitcryptor

Have you been infected with the insidious CoinVault or Bitcryptor ransomware?

If so, there is some potentially good news for you.

You may now recover your encrypted files for FREE! – Thanks to the efforts of Dutch police and antivirus maker Kaspersky Lab.

Security researchers from Kaspersky Lab and the Dutch Public Prosecution Service have obtained and published the last set of encryption keys from command-and-control (C&C) servers used by two related ransomware threats – CoinVault and Bitcryptor.

Security researchers first observed CoinVault ransomware attacks in May 2014. Since then, CoinVault has made more than 1,500 victims in more than 108 countries.

In April 2015, the Dutch police obtained 'Decryption keys' database from a seized command and control server of CoinVault.

Ransomware Decryption Tool

Those decryption keys were then used by Kaspersky Lab to set up a Ransomware Decryptor Service, which included a set of around 750 decryption keys recovered from CoinVault servers hosted in the Netherlands.

After that raid, the CoinVault's authors slowly updated their code, eventually releasing a second-generation CoinVault version that they named Bitcryptor.

However, last month, the Dutch authorities arrested two men in connection with CoinVault and Bitcryptor ransomware attacks, leading to the recovery of additional 14,031 decryption keys.

The keys have now been updated to the Kaspersky's Ransomware Decryptor Service and published on the noransom.kaspersky.com website.

Those victims that had their PCs infected by these ransomware programs and still have the encrypted data lying around can now download these keys to unlock their personal files.

How to Decrypt CoinVault and Bitcryptor Ransomware:

1. Note down the Bitcoin wallet address mentioned by the malware.
2. Get the encrypted file list from the ransomware interface.
3. Then download an effective antivirus and remove CoinVault Ransomware.
4. Open https://noransom.kaspersky.comand download the decryption tool released by Kaspersky Labs.
5. Install additional libraries and Decrypt your files.

However, there's only one catch:

"If you get infected by this ransomware in the near future, you are out of luck."

Ransomware on Rise

Ransomware has emerged as one of the biggest Internet threats to the web users in recent years.

The authors of the notorious CryptoWall ransomware have raised more than $325 MILLION (£212 million) in this past year alone.

Typically, hackers primarily gain access to a user's computer using ransomware malware that heavily encrypts data files with a strong cryptographic algorithm, and then demand a ransom money (to be paid in Bitcoin), which ranges from $200 to $10,000.

How to Prevent Yourself Against Ransomware Attacks?

Just few days back, the Federal Bureau of Investigation (FBI) advised ransomware victims to just pay off the criminals in order to see their valuable data again.

However, in my opinion, the best defense against these threats is to ensure that all your important files are regularly backed up to a separate drive or storage that are only temporarily connected and can not be reached by the attackers.

A few more things you should keep in mind to prevent your Computer from getting infected with ransomware and other malware threats are:

• Ensure your system software and antivirus definitions are up-to-date.
• Avoid visiting suspicious websites.
• Avoid Opening Emails and attachments from unknown sources.

Source