New ransomware allows one user file 'free' decrypt
By Dimitri Reijerman , Sunday, November 16, 2014 14:26 , comments: 201 , Views: 31,371 • Feedback
Security firms Webroot has a new ransomware-variant found that the user after encrypting the data from surreptitious provides the ability to decrypt a file called 'free'. Also, the ransom increased for the required key every 24 hours.
The ransomware, CoinVault called , infected Windows systems and encrypts several file types, including documents, compressed files, pictures, videos and ISO files. The makers claim that it is AES-256 encryption. After infection with the malware CoinVault asks for each file in an amount bitcoin, but it offers the user the ability to decrypt any file free of charge. According to this option Webroot provides opportunities to develop a decrypt tool.
The payment process, which takes a file, is offered through a program, while most ransomware victims refers to a website. CoinVault also leaves every 24 hours up the demanded ransom.
CoinVault would be difficult to move away because blocking the various executables. Nevertheless, victims can recover encrypted data via a detour because the malware backups created via Volume Shadow Copy leave them alone.
Source (Google translation) : Tweakers - Wij stellen technologie op de proef