Scam Cryptolocker file decryption tools start making an appearance

Many people have lost their data and money to ransomware like GameOver Zeus and Cryptolocker. While users are still recovering from the losses there is yet another breed of malware writers that are exploiting the hysteria and chaos created by Cryptolocker. They are doing it by offering ‘tools’ to decrypt the files locked by Cryptolocker!


Microsoft and CBI together temporarily took down the botnet which distributed these malware. What really made news is the damage done by these viruses across the world! According to the sources, these botnets together extorted millions and millions of dollars; out of which, over $ 100 million were extorted by GameOver Zeus alone, while the amount of money attributed by Cryptolocker seems to be countless! Both these botnets extorted money from the victims in the exchange for keys to decrypt the files and recover their data that was hacked by these viruses.

The Cryptolocker Ransomware encrypts all your files and then asks for anything between $100 to $900 as ransom money, before handing you over the keys to all your data – and there is a clock ticking before which you have to make the transaction.

Taking undue advantage of this, a massive phishing campaign has been started and viruses are already being distributed in extremely large numbers as attachments to spam emails under false pretenses that they are Cryptolocker file decryption tools.

Cryptolocker has used a tough encryption method which cannot be cracked, as of the date. In fact, these so-called tools themselves could be malware. In some cases, what supposedly a registry cleaner, gets installed on your computer. The victim is then tricked into buying the software tool which supposedly decrypts the files.

People should not be tricked: if they pay for this software, the only outcome is that they will help Cryptolocker and GameOver Zeus indirectly cause more financial damage, says BullGuard.

Users should thus remain careful when dealing with such emails and their attachments and they should have a strong Internet Security software installed on their Windows systems.

You could also take additional steps to block or prevent Cryptolocker ransomware attacks using CryptoPreventCryptolocker Prevention Kit, CryptoLocker Tripwire and HitmanPro.Alert – and by following some steps to take to stay protected & secure, by preventing Ransomware from getting onto your Windows computer.

Posted by with Tags
Anand Khanse is the Admin of, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP. He enjoys following and reporting Microsoft news and developments in the world of Personal Computing & Social Media.

Leave a Reply

Your email address will not be published. Required fields are marked *

3 + 8 =