Good news for people whose computers were unluckily infected by the CoinVault or Bitcryptor ransomware-Your encrypted files can be recovered for free, that is, if you still have them. Researchers from Kaspersky Lab obtained the encryption keys from command-and-control-servers that were used by the ransomware threats. Kaspersky’s ransomware decryption service, originally set up in April, has uploaded a set of 750 keys recovered from the servers.
The two men connected with the CoinVault and Bitcryptor ransomeware attacks were arrested in September. The arrests led to the recovery of around 14,000 additional decryption keys which have been added to the research lab’s repository, noransom.kaspersky.com
After the CoinVault ransomware program was first documented by the Kaspersky researchers, the National High Tech Crime Unit of the Dutch police seized and recovered decryption keys from a CoinVault server. However, after that raid the program authors ultimately created a new version called Bitcryptor.
The Kapersky lab has since closed the Coinvault case after the arrests and recovery of the all the decryption keys. Sadly, victims of other such ransomware are not so lucky. Many times there is little security agencies can do to recover victims’ files, so unfortunately it is sometimes advised to just pay the ransoms.