CoinVault and Bitcryptor Ransomware Victims Can Now Recover Their Files For Free

itwbennett writes: Researchers from Kaspersky Lab and the Dutch Public Prosecution Service have obtained the last set of encryption keys from command-and-control servers that were used by CoinVault and Bitcryptor,' writes Lucian Constantin. 'Those keys have been uploaded to Kaspersky's ransomware decrypt or service that was originally set up in April with a set of around 750 keys recovered from servers hosted in the Netherlands.

Re:Pretty Amazing Really

[Xenna]

"While it's a worthy effort, I suspect that it's mostly just a PR stunt though since I doubt very many people will actually be able to use these keys to avoid paying the ransom, given that the criminals will indeed switch to new keys pretty much overnight, potentially re-encrypting any data on PCs they have already compromised in the process if they can re-establish control via other C&C servers."

AFAIK the guys who did it are now in jail, which makes it a lot harder to change keys. Evene if they didn't catch them all, the remaining bad guys may want to lay low for a while.

So, it looks pretty much like a success to me. Locking these guys up and retrieving the keys is pretty much the best you can do in such a case.

Much Respect!

[JustAnotherOldGuy]

A big salute to the people at Kaspersky Labs and the Dutch Public Prosecution Service.

Talk about earning goodwill, these guys (and gals) just banked a mountain of it as far as I'm concerned.