Decryption Tool for LockCrypt Ransomware released



Popular antivirus company Bitdefender release a decryption tool which can recover files encrypted by LockCrypt ransomware . But the catch is that it can only decrypt files encrypted by an older version of LockCrypt ransomware that locks the files with .1btc extension

The Bitdefender decryption tool may not be useful for current victims of the LockCrypt ransomware, but users who still have copies of their (.1btc) encrypted files can use it to recover files. Using the tool is pretty simple, as the interface is self-explanatory.

The LockCrypt ransomware is a ransomware strain that infects victims after hackers use brute-force attacks to break into companies' networks via RDP connections, and then manually run the ransomware's binary.


LockCrypt version Status
.BI_D Not decryptable
.1btc Decryptable using Bitdefender tool
.lock Decryptable (contact Michael Gillespie)
.2018 Decryptable (contact Michael Gillespie)
.mich Decryptable (contact Michael Gillespie)

The ransomware was first spotted in June 2017, and security researchers tracked its authors to a group who was previously active on the Satan Ransomware-as-a-Service portal.

How to protect yourself from WannaCry Ransomware




Yesterday, a massive ransomware campaign hit computer systems of hundreds of private companies and public organizations across the globe. It is believed to be the biggest ransomware attack that the cyber community have ever seen. It has already infected over 75,000 PCs in 99 countries including United States, Russia, Germany, Turkey, Italy, Philippines and Vietnam, India in less than 24 hours.

The ransomware, called "WannaCry," is spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March. But computers and networks that haven't updated their systems are at risk.

Countries infected with the ransomware


According to a report, the ransomware attack has shut down work at 16 hospitals across the UK after doctors got blocked from accessing patient files. Another report says, 85% of computers at the Spanish telecom firm, Telefonica, has get infected with this malware.

Once infected with the WannaCry ransomware, victims are asked to pay up to $300 in order to remove the infection from their PCs; otherwise, their PCs render unusable, and their files remain locked.

"Affected machines have six hours to pay up and every few hours the ransom goes up," said Kurt Baumgartner, the principal security researcher at security firm Kaspersky Lab. "Most folks that have paid up appear to have paid the initial $300 in the first few hours."

Got scared already? Don't want to be a victim of WannaCry Ransomware?



Here are some easy steps to protect your machine and secure your files from falling hostage to online scammers.


1. Patch you operating system


First of all, if you haven't patched your Windows machines and servers against EternalBlue exploit (MS17-010), do it right now. Following the installation, make sure to reboot the system.

In general, patching your system and installing regular Microsoft updates should secure an average PC user from unwanted vulnerabilities.

2. Beware of emails


Just as with many other ransomware, it can penetrate the system not only through a Windows vulnerability, but also through the “spray-‘n’-pray” phishing attack, which involves spamming users with emails that carry a malicious attachment. The attackers can also lure a victim to click on a URL where malware will be ready to crawl into your machine.

3. Backup your files


It is highly advised, in order to protect yourself from being held hostage to data thieves, to create secure backups of important data on a regular basis. Simply backing up is not enough though, as physically disconnecting the storage device is required to avoid it being infected with ransomware as well. Cloud storage is another option to use, but it makes your data vulnerable to all other kinds of attacks.

4. Get an Anti virus


Install an anti virus if you don't have it already. Also make sure that you run an active anti-virus security suite of tools on your system, and most importantly, always browse the Internet safely.