Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Crypt0l0cker Ransom virus


  • This topic is locked This topic is locked
2 replies to this topic

#1 charleslee

charleslee

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 11 May 2015 - 02:29 AM

Hi Guys

 

Yesterday, My client had a very nasty virus crypt0l0cker.exe, it encrypted all files(doc, docx, excel, pdf, zip...) and deleted all shadow copies, asked for money to decrypt.

Anyone has any ideas how to decrypt them?

 

Thanks

 

Charles


Edited by hamluis, 11 May 2015 - 05:52 PM.
Closed to avoid confusion, moved from Encryption to Gen Sec - Hamluis.


BC AdBot (Login to Remove)

 


#2 Angoid

Angoid

  • Security Colleague
  • 302 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:East Midlands UK
  • Local time:11:10 AM

Posted 11 May 2015 - 02:39 AM

Hi charleslee,

 

There is a whole topic dedicated to this infection here:

http://www.bleepingcomputer.com/forums/t/574608/crypt0l0cker-support-topic/?hl=+crypt0l0cker

 

Please follow that thread and ask any questions you might have in there, as that way all the information pertaining to this infection gets to stay in one place on the forum.


Helping a loved one through a mental health issue?  Remember ALGEE...

Assess the risk | Listen nonjudgementally | Give reassurance and info | Encourage professional help | Encourage self-help and support network

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:10 AM

Posted 12 May 2015 - 07:11 PM

From the above topic...

Crypt0L0cker (Torrentlocker) Update
...im going to advise any victims that are considering to pay to get their files back to NOT do it until otherwise stated that the virus creator is actually able to decrypt files again. I recommend that no victims pay the infection to get their files back, but i know this is not always an option, but if you proceed to do this now, you run the risk of losing your files and your money...The choice is ultimately up to you, but as it stands it seems no victim is getting a working decrypter after payment at this time.


More information about Crypt0L0cker can be found in this discussion topic: TorrentLocker changes it's name to Crypt0L0cker

Rather than have everyone start individual topics, it would be best (and more manageable for staff) if you posted any questions, comments or requests for assistance in the topic discussion link provided by Angoid. To avoid unnecessary confusion...this topic is closed.

Thanks
The BC Staff
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users