Free decryption tools for CoinVault and Bitcryptor ransomware
Have you ever been blackmailed by the sinister CoinVault or Bitcryptor software?
If yes, it will be good news for you.
Kaspersky Lab and security researchers from the Dutch Public Prosecutor's Office have obtained and published the last batch of encryption keys from the master server. These keys are related to two ransomware-CoinVault and Bitcryptor.
Security researchers captured the first CoinVault ransomware attack in May 2014. Since then, CoinVault has infected more than 108 machines in more than 1500 countries.
On September 6, April 2015, Dutch police obtained the "decryption key" database from the CoinVault master server.
Ransomware decryption Tool
These decryption keys were immediately used by Kaspersky Lab to provide decryption services for ransomware, including a group of approximately 750 decryption keys recovered from a CoinVault server hosted in the Netherlands.
After the raid, CoinVault authors quietly updated their code and finally released Bitcryptor, the second generation of CoinVault ransomware.
However, last month, Dutch authorities arrested two suspects in connection with the CoinVault and Bitcryptor ransom attacks, resulting in the successful recovery of an additional 14,031 decryption keys.
These keys have now been updated to Kaspersky's ransomware decryption service and published on the noransom.kaspersky.com website.
Victims of personal computers infected with ransomware that still have encrypted data can now download these keys to decrypt their private files.
How to decrypt an infected file:
Step 1: record the bitcoin wallet address mentioned in malware.
Step 2: Obtain the list of encrypted files from ransomware.
Step 3: Download a valid anti-virus software and delete the CoinVault ransomware.
Step 4: Open the https://noransom.kaspersky.com and download the decryption tool provided by Kaspersky Lab.
Step 5: Install the additional library and decrypt the file.
However, there is another problem: "If you are infected with these software one day in the future, it will be unlucky ."
Ransomware's rise
Ransomware has become one of the greatest threats to Internet users in recent years.
The authors of the notorious CryptoWall ransomware earned more than $0.325 billion in the past year alone.
Generally, hackers use malicious ransomware to gain access to users' computers and use powerful encryption algorithms to encrypt a large number of data files, afterwards, he proposed to pay a ransom ranging from $200 to $10,000 (in Bitcoin ).
How can we prevent ourselves from ransomware attacks?
Just a few days ago, the FBI was still advising victims of ransomware to pay for the ransomware conditions proposed by criminals to retrieve valuable data files.
However, in my opinion, the best defense against these threats is to ensure that all important files are regularly backed up to a separate driver or storage device, which is connected only when needed, and cannot be accessed by hackers.
Here are some things you need to remember to prevent your computer from being infected by ransomware or other malware again:
Make sure that the software and anti-virus software in your system are the latest version.
Do not access suspicious websites
Do not open emails and attachments sent by strangers