- Jan 24, 2011
- 9,378
In a surprise move, the master decryption keys for the CrySiS Ransomware have been released early this morning in a post on the BleepingComputer.com forums. At approximately 1 AM EST, a member named crss7777 created a post in the CrySiS support topic at BleepingComputer with a Pastebin link to a C header file containing the actual master decryption keys and information on how to utilize them,
These keys have already been used by Kaspersky Labs to update their RakhniDecryptor program so that it can be used to decrypt victim's files.
Though the identity of crss7777 is not currently known, the intimate knowledge they have regarding the structure of the master decryption keys and the fact that they released the keys as a C header file indicates that they may be one of the developers of the CrySiS ransomware. Why the keys were released is also unknown, but it may be due to the increasing pressure by law enforcement on ransomware infections and the developers behind them.
When the released keys were examined by Kaspersky Lab it was determined that these keys were legitimate. Using these keys, Kaspersky have updated their RakhniDecryptor program so that it can now decrypt CrySiS encrypted files.
Read more: Master Decryption Keys and Decryptor for the Crysis Ransomware Released.
These keys have already been used by Kaspersky Labs to update their RakhniDecryptor program so that it can be used to decrypt victim's files.
Though the identity of crss7777 is not currently known, the intimate knowledge they have regarding the structure of the master decryption keys and the fact that they released the keys as a C header file indicates that they may be one of the developers of the CrySiS ransomware. Why the keys were released is also unknown, but it may be due to the increasing pressure by law enforcement on ransomware infections and the developers behind them.
When the released keys were examined by Kaspersky Lab it was determined that these keys were legitimate. Using these keys, Kaspersky have updated their RakhniDecryptor program so that it can now decrypt CrySiS encrypted files.
Read more: Master Decryption Keys and Decryptor for the Crysis Ransomware Released.
