Security experts can proclaim victory in the latest round with cybercrime, at least for now.
The Cryptolocker malware, which has ravaged the PCs of an estimated 500,000 victims, is no longer invincible. The malware locks all the PC’s files, demanding a ransom, payable in bitcoins, to unlock them. Victims are threatened that if the ransom isn’t paid within 72 hours, the private keys to unlock the files will be destroyed.
Some of those affected reportedly lost important business documents.
Interestingly, only 1.3% of victims paid the ransom. Many of those refusing to pay did so because they had backups. Still, it is estimated that the attackers have fetched as much as $3 million from those willing to pay. A typical ransom demand was on the scale of several hundred dollars.
The solution was devised by Fox-IT and FireEye, two security firms working in conjunction with law enforcement investigators. They managed to get hold of the database of victims, something which the attackers were desperately trying to avoid. Victims can now turn to an online portal and submit one of their infected files. The team behind the solution then figures out the key used to encrypt the files.
The same team shut down the infamous Gameover Zeus group, a P2P malware used in banking fraud and responsible for the spread of Cryptolocker.