Computer security experts and researchers from the firms Fox-IT and FireEye have collaborated to reverse engineer the CryptoLocker software in a project they called "Operation Tovar."Â Cry... CryptoLocker victims able to decrypt their files for free
Could this lead to an lawsuit against these companies for denial of profits? I hope not, but then that would also expose them (CryptoLocker) for who they really are.
No, they cant, as what they are doing in the first place is black mail, which is illegal, in most countries.
To me it all sounds too fishy... ...many fall victims of CryptoLocker... ...several days of hectic action and confusion... ...now a selfless Knight on a white horse (though relatively unknown to anyone) appears and gives a cure to everyone for free... I do not believe it's a coincidense or that these companies don't have anything to do with the initial CryptoLocker outbreak.
Good PR. Puts their name on the victims short list if the victim needs a service that is offered by the White Knight.
Won't the CryptoLocker guys just change their encryption algorithm / master key or whatever they use?
Although this is of course great news for those victims, this has me kinda worried. Is't encryption software supposed to be unbreakable ? What about users who use it for legit reasons or businesses. You can protect yourself with such software (ex DiskCryptor, Truecrypt , BitLocker, …), but if all it takes is to send an encrypted sample to some decryption company, this might be a serious problem for some.
This encryption is extortionware, it is not a retail product. Its encryption is just to f*ck over unsuspecting people and hope as many as possible party to get their stuff back. It only needs to be good enough for this purpose, not to protect against some cyber criminal stealing personal information.
Although most common and easiest to 'crack', AES encryption is pretty commonly used in businesses. I guess people need to step up and go for more complex algorithms.