The Hacker News
There's an extraordinary malware making rock-n-roll over the Internet and if you are one of the unlucky folks to cross its path, then it could make your computer unusable and you have to pay a few hundred Dollars to retrieve your important data back.

We have warned our readers in many previous articles about a nasty piece of Ransomware malware called 'CryptoLocker', which is targeting computers running the Microsoft Windows operating system.

The CryptoLocker Ransomware encrypts the files on a victim's computer and issues an ultimatum - Pay up or lose your data. Users who are getting infected with CryptoLocker can see a message informing them that their computer is locked up and their files encrypted. It then asks them to make a ransom payment, which typically ranges between $100 and $700 or 2 Bitcoins, to get their files back.
Cybersecurity

Just yesterday I noticed on a forum that the criminals behind the CryptoLocker malware has recently launched a dedicated CryptoLocker decryption service website that allows victims to purchase the decryption key for their infected encrypted files.

Interestingly, Malware inside the system is asking for only 2 Bitcoins ($450 USD) for the decryption keys, whereas the newly launched service price has been significantly increased 10 Bitcoins i.e. Approx $2,100 USD.

Service is available on the website https://yocmvpiarwmfgyg.net/ or https://93.189.44.187/ (Russia based hosting server) and also accessible through the Tor network https://f2d2v7soksbskekh.onion/

Why Hackers has launched the Decryption Service ?
Currently almost all antivirus companies are on Red alert about CryptoLocker malware and they have released updates for their users, that can detect and remove the infection or the registry keys from the system which is actually required to pay the ransom and decryption process. So if malware will get deleted, neither victim will get the decryption keys ever, neither criminal will get paid for it.

So the criminal actors behind the CryptoLocker malware has launched the decryption service website, which is designed to look like a customer support site for victims.

CryptoLocker Ransomware Decryption Service

How the Decryption Service works ?
The victim can upload one of its encrypted files on the service website, which will generate an order number. After uploading, a further order status page will display the date-time of infection and victim's public key.

It will then prompt the user to purchase the private key by paying 10 Bitcoins or approximately $2,200 USD. Once a payment is made, just after the confirmation, the website will allow the user to download a decryption private key and a decrypter tool. Which can be used to decrypt all CryptoLocker encrypted files on the system.

Another interesting fact about the service website is that, if the user has already paid the ransom amount, they will provide the private key and decrypter free of cost.

CryptoLocker Ransomware, A Global threat
CryptoLocker infections were found across different regions, including Europe Middle East, North America and Asia Pacific. Almost 64% victims are from the US.

There are different ways an individual or an organization can handle the CryptoLocker threat. Unfortunately, there is no known tool to decrypt the files encrypted by CryptoLocker, so always take Backup of important Files. Always ensure your system softwares and Antivirus product is up-to-date.

Antivirus firm Bitdefender has just released a tool to protect your files from CryptoLocker. You can Download Anti-CryptoLocker here.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.