Forum Thread

PSA... DeCryptoLocker FREE decryption of any encrypted CryptoLocker file or hard drive/system

boltman2007 7,354 2,746 August 15, 2014 at 07:26 PM
https://www.decryptcryptolocker.com/

With the discovery of the CryptoLocker infrastructure private key servers, ALL CryptoLocker private keys have been recovered, and it is FREE to decrypt your files that were encrypted with the CryptoLocker virus.

FireEye and Fox-IT have partnered to provide free keys designed to unlock systems infected by CryptoLocker.
Please provide your email address [1] and an encrypted file [2] that has been encrypted by CryptoLocker.
This portal will then email you a master decryption key along with a download link to our recovery program that can be used together with the master decryption key to repair all encrypted files on your system.

Please note that each infected system will require its own unique master decryption key. So in case you have multiple systems compromised by CryptoLocker, you will need to repeat this procedure per compromised system.


Notes:
[1] Email addresses will not be used for marketing purposes, nor will they be in any way stored by FireEye or Fox‑IT.
[2] You should only upload encrypted files that do not contain any sensitive or personally identifiable information.





They need to examine the specially crafted CryptoLocker header to determine your master private key.

46 Comments


#2
That's fantastic news for those who got caught by that virus.
Reply Helpful Comment? 0 0
If you're on this ignore list, vivahate, sd44, cav, charles052, frogstar, godfather927 don't bother quoting me
Joined Feb 2007
L10: Grand Master
7,354 Posts
2,746 Reputation
Original Poster
#3
Yes...pretty amazing they were able to track down all the private keys.

Now we just have to figure something out for... Bad Usb
Reply Helpful Comment? 0 0
Joined Aug 2008
L99: Slicker than Ice
6,393 Posts
1,756 Reputation
#4
Quote from RockySosua View Post :
That's fantastic news for those who got caught by that virus.
I almost think it's a bad thing... since now they won't learn any lessons about keeping stuff backed up or not getting viruses in the first place
Reply Helpful Comment? 0 0
#5
Quote from slapshot136 View Post :
I almost think it's a bad thing... since now they won't learn any lessons about keeping stuff backed up or not getting viruses in the first place
Only a total idiot wouldn't learn a lesson from getting all his/her data encrypted, effectively lost for a period of time before finding out that there's a solution.
Anybody with an ounce of brains will take precautionary measures for the future, and if the person in question is truly IQ challenged, it's up to us to guide them down the right path.... Geez, that sounded like a religious speech, but you know what I mean, right?
Reply Helpful Comment? 0 0
Joined Aug 2008
L99: Slicker than Ice
6,393 Posts
1,756 Reputation
#6
Quote from RockySosua View Post :
Only a total idiot
is probably the main victim of this virus to begin with...
Reply Helpful Comment? 0 0
#7
Quote from boltman2007 View Post :

Now we just have to figure something out for... Bad Usb
It's difficult for me to get all paranoid about the Bad USB thing, when I never get any viruses.
If there were known cases of it happening and not just a theoretical thing, it might be easier for me to be concerned, but I do see a certain issue from the www announcement of the potential danger.
It seems to me that if there's a security loophole anywhere, telling the whole world about it, only benefits the bad guys who will start looking for a way to do it.
It's similar in concept to broadcasting something like this..... "There's a way to rob my house, even though it's never happened, but if you do this or that, you will be able to rob me".
In fact, it's even worse than that, as it would be a security company telling the world how it's done, so later on down the road, someone might exploit the vulnerability in my home defense, and rob me.
Am I the only one who sees this?
Reply Helpful Comment? 0 0
Joined Feb 2007
L10: Grand Master
7,354 Posts
2,746 Reputation
Original Poster
#8
Quote from RockySosua View Post :
It's difficult for me to get all paranoid about the Bad USB thing, when I never get any viruses.
If there were known cases of it happening and not just a theoretical thing, it might be easier for me to be concerned, but I do see a certain issue from the www announcement of the potential danger.
It seems to me that if there's a security loophole anywhere, telling the whole world about it, only benefits the bad guys who will start looking for a way to do it.
It's similar in concept to broadcasting something like this..... "There's a way to rob my house, even though it's never happened, but if you do this or that, you will be able to rob me".
In fact, it's even worse than that, as it would be a security company telling the world how it's done, so later on down the road, someone might exploit the vulnerability in my home defense, and rob me.
Am I the only one who sees this?

Rocky, it's important you (and everyone else) understand the existing threat....

Bad USB is undetectable and can affect nearly any USB device with rewritten firmware (this is due to the extreme flexibility of USB itself)...to mimic any USB device.

Virus scans do not and cannot detect it. Does not require special tools; any PC will do.

This is NOT theoretical; people have been rewriting MP3 players (for years using this method) saying they are 8 or 16 GB when they are 2GB... it's real and prevalent in the wild.

ONLY way to tell is to deconstruct the device and look at the hardware.... it's a very good idea to NOT log in as administrator to help mitigate this pervasive threat.

These guys just exposed what is an inherent flaw in USB from a security perspective...re-writable firmware.

The rogue firmware can lie just fine and say it's legit.
Reply Helpful Comment? 0 0
Last edited by boltman2007 August 16, 2014 at 07:51 AM


Joined May 2004
L42: The Ultimate Answer
1,440 Posts
993 Reputation
#9
Quote from boltman2007 View Post :
This is NOT theoretical; people have been rewriting MP3 players (for years using this method) saying they are 8 or 16 GB when they are 2GB... it's real and prevalent in the wild.
I was under the impression that worked by modifying the flash memory controller, just like fake SD cards. Any links to Bad USB in the wild (fake MP3 players or otherwise)?
Reply Helpful Comment? 0 0

#10
Quote from FlashX83 View Post :
I was under the impression that worked by modifying the flash memory controller, just like fake SD cards. Any links to Bad USB in the wild (fake MP3 players or otherwise)?
Yes, Google Phison USB firmware or rubber duck USB drives.
Reply Helpful Comment? 0 0
Joined Feb 2007
L10: Grand Master
7,354 Posts
2,746 Reputation
Original Poster
#11
Quote from FlashX83 View Post :
I was under the impression that worked by modifying the flash memory controller, just like fake SD cards. Any links to Bad USB in the wild (fake MP3 players or otherwise)?
https://sosfakeflash.wordpress.co...nt-page-2/

Out of curiosity, I used HP Drive Key Boot Utility to format a fake 16GB USB drive that had a real capacity of 2GB as reported by H2TestW and by visual inspection of the memory chip. The HP utility formatted the drive as 3.91GB. Windows Vista recognized the drive as 3.91GB and formatted it the same.

Based on other posts on this site, the HP drive utility may only work for a few people. Also, in cases when the utility cannot recognize the drive I expect it may default to approximately 4GB, which when this application was developed (2005), GB size drives were not common.
Reply Helpful Comment? 0 0
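Added example, not part of the thread: a Python sketch of the write-everything-then-read-back idea behind capacity testers such as the H2TestW mentioned above, and of why a quick write/read spot check is fooled by a drive that misreports its size. The `Device` class is a constructed stand-in (16 advertised blocks, 2 real ones, scaled down from 16GB/2GB), and its wrap-around behaviour is an assumption; it is not H2TestW's code.

```python
import hashlib

BLOCK = 512  # bytes per test block; small so the sketch runs instantly


class Device:
    """Constructed stand-in for a flash drive (not a real device API).

    It advertises `advertised` blocks but only has `real` blocks of storage.
    Assumption: writes past the real capacity wrap around and overwrite
    earlier blocks; some fake drives drop the data instead.
    """

    def __init__(self, advertised, real):
        self.advertised = advertised
        self._real = real
        self._cells = {}

    def write(self, index, data):
        self._cells[index % self._real] = data

    def read(self, index):
        return self._cells.get(index % self._real, bytes(BLOCK))


def pattern(index):
    """Block-unique test data: every block's content depends on its index."""
    out = b""
    counter = 0
    while len(out) < BLOCK:
        out += hashlib.sha256(b"%d:%d" % (index, counter)).digest()
        counter += 1
    return out[:BLOCK]


def naive_check(dev):
    """Write one block and read it straight back. A fake drive passes this."""
    good = 0
    for i in range(dev.advertised):
        dev.write(i, pattern(i))
        good += dev.read(i) == pattern(i)
    return good


def full_check(dev):
    """Fill the whole advertised range first, then verify every block."""
    for i in range(dev.advertised):
        dev.write(i, pattern(i))
    return [i for i in range(dev.advertised) if dev.read(i) == pattern(i)]
```

On `Device(16, 2)`, `naive_check` counts all 16 blocks as good, while `full_check` finds only the last two blocks written still intact, which is why the whole advertised range has to be filled before anything is verified.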
#12
Quote from boltman2007 View Post :
https://sosfakeflash.wordpress.co...nt-page-2/

Out of curiosity, I used HP Drive Key Boot Utility to format a fake 16GB USB drive that had a real capacity of 2GB as reported by H2TestW and by visual inspection of the memory chip. The HP utility formatted the drive as 3.91GB. Windows Vista recognized the drive as 3.91GB and formatted it the same.

Based on other posts on this site, the HP drive utility may only work for a few people. Also, in cases when the utility cannot recognize the drive I expect it may default to approximately 4GB, which when this application was developed (2005), GB size drives were not common.
A friend brought me a few 16 gig no name USB drives on fleabay that would get identified as 16 giggers, but in fact, were 2 gigs or less, and soon didn't work at all.
I like deals on anything I buy, but when buying inexpensive stuff, I never take any chances with no name brands.
I can understand people being attracted to super cheap USB thumbdrive deals, but even if they are what they say they are, they are also invariably slower than the similarly priced brand name unit, as if thumbdrives weren't slow enough copiers as it is.
It's just not worth it.
The same goes for ram, SSD's, regular hard drives, wireless mouses & keyboards, etc.
Stick with the good brands with good user reviews and in the long run, they will turn out to be the least expensive and headache free purchases.
Reply Helpful Comment? 0 0
Joined Feb 2007
L10: Grand Master
7,354 Posts
2,746 Reputation
Original Poster
#13
Quote from RockySosua View Post :
A friend brought me a few 16 gig no name USB drives on fleabay that would get identified as 16 giggers, but in fact, were 2 gigs or less, and soon didn't work at all.
I like deals on anything I buy, but when buying inexpensive stuff, I never take any chances with no name brands.
I can understand people being attracted to super cheap USB thumbdrive deals, but even if they are what they say they are, they are also invariably slower than the similarly priced brand name unit, as if thumbdrives weren't slow enough copiers as it is.
It's just not worth it.
The same goes for ram, SSD's, regular hard drives, wireless mouses & keyboards, etc.
Stick with the good brands with good user reviews and in the long run, they will turn out to be the least expensive and headache free purchases.
The point is a device can report to the OS it's 16GB when in fact it's 2GB..... same as being able to report to the OS it is a flash drive but actually act as a keyboard...without any obvious signs sending commands..

That's the horror of Bad USB...no way to detect it

They think NSA knew about this (and every other flaw in complex modern systems) and may have been used in the Stuxnet cyber attack in Iran...now the world knows and we have no defense.

BE VERY CAREFUL WITH USB DEVICES...do not share them that should be a thing of the past now that any of them can be compromised.
I started logging in with only user credentials now.
Reply Helpful Comment? 0 0
Last edited by boltman2007 August 16, 2014 at 03:33 PM
#14
If anyone reading this has been nailed by the Cryptolocker virus, and intends on retrieving their data as detailed in the OP, you can contact me about the actual virus removal.
I did 3 or 4 days of experimenting with it a few months back and rest assured, it can be removed.
Reply Helpful Comment? 0 0
Joined Jan 2006
L10: Grand Master
11,220 Posts
1,465 Reputation
#15
Quote from boltman2007 View Post :
This is NOT theoretical; people have been rewriting MP3 players (for years using this method) saying they are 8 or 16 GB when they are 2GB... it's real and prevalent in the wild.
I don't think that's in firmware. You can re-write disk geometry in user-space.
Reply Helpful Comment? 0 0
Heifer whines could be human cries
Closer comes the screaming knife