How to decrypt crip...
 
Notifications
Clear all

How to decrypt criptoclocker files.....

5 Posts
5 Users
0 Likes
160 Views
soleil
(@soleil)
Posts: 6
Active Member
Topic starter
 

Dear experts, how to decrypt criptolocked files?
In the last two weeks here in my italian town 8 PC of different firms have been affected by the virus…..alla common files (jpeg, doc, pdf exc ) hvae been crypted and a ramsom message was sent to the victims…it seems nothing from an external backup is the solution….non system restore was good, no boot in linux (if you think is a normal process run at startup…) NO SOLUTION if you don't pay…it seems really impossible to cypher so many files in few minutes…..
If i try analyzing the header of files i find anormal header and nothing related to the original…it's not a startup process (linux see all files like encrypted)…
It seems no real solution ..for the moment….

 
Posted : 04/12/2014 12:20 pm
warry
(@warry)
Posts: 2
New Member
 

Hi

Try these guys.

https://www.decryptcryptolocker.com/

I havent used or tested this so please let me know if it works for you.

 
Posted : 04/12/2014 2:34 pm
milkof
(@milkof)
Posts: 6
Active Member
 

I've noticed the site….it seems working ….for each file there is the Key for decryption ….

 
Posted : 04/12/2014 8:08 pm
jaclaz
(@jaclaz)
Posts: 5135
Illustrious Member
 

Hey guys, no offence intended ) , but it is not like these are "news", the way the Cryptolocker works and the site to unlock the files of the "original" Cryptolocker are on Wikipedia all right
http//reboot.pro/topic/18855-windows-file-search-utility-that-is-fast/

The issue here may be that there are several "variants" (actually "copycats" or however "new" malware) that are also called (or claim to be) Cryptolocker, *like*
http//www.bleepingcomputer.com/forums/t/546528/new-cryptolocker-copycat-ransomware-in-the-wild/
and the given site may (or may not) be able to cope with these new malwares.

jaclaz

 
Posted : 04/12/2014 8:17 pm
gorvq7222
(@gorvq7222)
Posts: 225
Estimable Member
 

Hi,

FireEye and Fox-IT solved this issue and you could browse website as below
https://www.decryptcryptolocker.com/

My client suffered CryptoLocker virus and I've saved her files by using FireEye's solutions. Thanks for FireEye and Fox-IT. Also thanks for FBI, you caught those hackers and private keys could be found in those servers.

Rick

 
Posted : 05/12/2014 7:29 am
Share:
Share to...