Landing : Athabascau University

BT Week 7 - CoinVault and Bitcryptor

Bozena Tkaczyk
  • Public
By Bozena Tkaczyk in the group COMP 607: Fall 2015 cohort November 24, 2015 - 10:17am
CoinVault and Bitcryptor variants of ransomware have been declared dead after the authors were arrested and decryption keys were recovered by police.
The alleged authors of the ransomware were arrested on September 14th, 2015, in Amersfoort, Netherlands. Kaspersky Lab played a big part in the investigation and has released the decryption keys as part of its Ransomware Decryptor to help victims get back their data.
Jornt van der Wiel, security researcher for the global research and analysis team at Moscow-based Kaspersky Lab, said in a statement this means "the CoinVault story is ending."
"The remaining victims can retrieve their files and the cybercriminals have been caught, thanks to collaboration between the Dutch police, Kaspersky Lab and Panda Security," van der Wiel said. "The CoinVault investigation has been unique in that we have been able to retrieve all the keys. Through sheer hard work, we were able to disrupt the entire business model of the cybercriminal group."
Adam Kujawa is a head of malware intelligence at Malwarebytes Labs in San Jose, California. According to him, Kaspersky's tool uses the encryption algorithm and block cipher to decrypt user data, but clearly stated that this isn't a solution for ransomware in general.