A few days ago, the Electronic Crime Prosecution with a press release he warned the Greek online community for the appearance of Locky ransomware. But since the technology is running and they probably didn't get the good news, we will announce it to you.
The developer software encryption key used by the Locky ransomware released the decryption keys for the malware's victims.
Files of users affected by the ransomware are locked with AES encryption. All files affected by the malware have the .locked extension, which will not go away unless the affected users pay the ransom that scammers ask for. (0,5 BTC is about $210).
The unknown developer of Locky uses the EDA2 software to encrypt.
Big mistake.
Project developer EDA2 deliberately left a backdoor in his code to make sure he could control possible software abuses.
So Utku Sen, the man behind the project, in this case had a passage to take the decryption keys, and then immediately released freely for download. (The download link is at the end of the publication).
Here, let's mention that malware developers will not be left with their hands crossed, and we think Lócky will be back with a new version.
However, those who are infected can unlock their files without paying a ransom. Decrypt your files with the keys below, and next time pay more attention to the files you download on your computer. The intentions of all are not the same.
Update: After dealing with the issue, as long as we did not have a computer infected with Locky, we found that these keys do not concern files that are encrypted and have .locky intent. Therefore, they concern different malware.