No Ransom! 14,031 Decryption Keys for CoinVault, BitCryptor Released - How to, Technology and PC Security Forum |

No Ransom! 14,031 Decryption Keys for CoinVault, BitCryptor Released

noransom-kaspersky-bitcryptor-coinvault-closedIt’s good to know that there are security professionals who are constantly seeking ways to fight back ransomware. The file encrypting monster has affected millions of people worldwide.

Fortunately, researchers at Kaspersky Lab haven’t stopped working on ransomware solutions. They recently added 14,031 decryption keys to their free archive. Thanks to the fresh addition, victims of CoinVault and Bitcryptor get the chance to decipher their encrypted files without needing to pay the ransom.

CoinVault and BitCryptor in Numbers

CoinVault and BitCryptor have infected thousands of users. Most users that have fallen victims to the two encrypting threats are located the Netherlands, Germany, the USA, France and the UK. Research indicates that users from at least 100 countries have suffered a CoinVault or BitCryptor infection. Other data reveals that over 1,500 machines running the Windows operating system had the ‘pleasure’ to be successfully locked by the two ransomware pieces.

The Solution is Here Thanks to Kaspersky Lab

Kaspersky Lab detected the first version of CoinVault back in the spring of 2014. The researchers then initiated a comprehensive analysis of the malware samples together with the National High Tech Crime Unit (NHTCU) of the Netherlands’ police and the Netherlands’ National Prosecutors Office.

CoinVault’s C&C Servers Attained

The three ‘departments’ succeeded in obtaining databases from CoinVault’s command & control servers. The databases contained lots of important details that helped the research teams in their investigation.

The Initialization Vectors (IVs), keys and private bitcoin wallets gave the good guys the unique chance to create a special repository of decryption keys. Their database is available at If you are a victim of a variant of the two ransomware, just click on te link and help yourself.

14,031 Keys Available for Victims. Is CoinVault’s Case Closed?

Thanks to the collaboration between researchers and law enforcement, ransomware victims can decrypt their files using the Kaspersky Lab’s database. In addition, the Dutch police arrested two suspects believed to have been involved with the ransomware attacks. It is most likely safe to conclude that CoinVault’s case is officially closed.

Milena Dimitrova

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the beginning. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share