Skip to main content

Good news!


ONLY FOR THOSE INFECTED WITH 'CRYPTODEFENSE' MALWARE.

I've found a weakness in the malware samples which would allow me to regenerate the private key! . Now it'd be possible to recover files without paying the crooks a penny (though it's not as easy as it sounds). I won't comment any further as I don't want to alert the cyber-crooks.

Comments

  1. AnonymousMarch 21, 2014 at 1:20 PM

    Hello, I am a security researcher as well and I think it's totally true. How do I get in touch with you?

    ReplyDelete

Post a Comment

Popular posts from this blog

Wana Decryptor / WanaCrypt0r

Alright, guys. This is a tough one: However, there's no reason to claim it's impossible to decrypt victims data. These idiots always let something slip through their fingers. Their servers might be found and keys restored to their respective victims. Errors might be found in their code, their key encryption scheme may have some weakness, etc. Let's just let the experts find a way out. By the way, if you want to temporarily protect your PC from this malware, you may do this.
Post a Comment
Read more

Software Utilities and Assistance

We have been requested many times to provide download links to all the tools we have used (and developed) to reverse the encryption schemes of some ransomware. These tools include Network Sniffers, TCP/IP Traffic Dumpers, Hex Editors, Debuggers and so on. For those of you who like to get hands down to work, we'll gladly provide you with them. If you are not a computer geek and just need assistance, send us an E-mail and we'll try to fix your problem. Bear in mind that we get many requests per day, so you must be patient! Sincerely, the HD team.
Post a Comment
Read more

Update: CryptoDefense rebranded to CryptoWall

After the fortune they reaped with CryptoDefense, not only did the crooks buy more computers from a bot net. They also rebranded it to 'CryptoWall' and made considerable changes to its website: + Multilanguage Support + Slight color changes in their website. Now it looks nicer, I confess. + Support (You can message them in case you need help)  - Their English sucks, so I haven't noticed any improvement in this area. * Ransomware notes are now named as: DECRYPT_INSTRUCTION.txt DECRYPT_INSTRUCTION.html DECRYPT_INSTRUCTION.url What does it mean to 'buy computers'? Most computers that were hit by this nasty ransomware had been previosuly infected by a botnet. A botnet is a network of infected computers that can be spied and controlled by their masters (those who own the botnet network).  These computer programs are usually used to gather users' credentials to home-banking and to perform DDoS attacks on websites, etc. (Yes, you can pay these croo
2 comments
Read more