Locker Ransomware Author Regrets Action, Releases Decryption Keys

In what has never happened before, Locker ransomware's creator also called "Poka BrightMinds" has published the data containing the decryption codes with which to unlock the data of PCs the malware infected as well as apologized publicly, published softpedia.com dated June 1, 2015.

It was sometime ago that Locker ransomware appeared with remarkable strangeness as after compromising PCs it didn't start encrypting the targeted folders stored there rather chose to remain dormant while launched its sinister operations at certain time-period like 25th May midnight.

A probable reason why Locker's author acted like this could be that he hadn't arranged the infrastructure needed to garner the ransom monies as well as to automatically provide the decryption codes to victims who paid the same.

However, the author debunked the theory on May 30, 2015 when he apologized on Pastebin and made his entry link up with certain 'Comma-Separated Values' (CSV) database having the details of the manner in which the folders could be unlocked. The database's host was the cloud service Mega.

The so-called creator also asserts that all folders would be decrypted in an automatic way beginning 2nd June midnight.

According to him, there are more than 62,000 rows in the database though the majority of keys remain unused.

Many end-users reported via the Bleeping Computer site that they had found valid decryption keys on the publicly-posted database.

According to CEO Stu Sjouwerman of KnowBe4 the security vendor, one explanation regarding why Locker developer abruptly ended an otherwise successful scam could be that he may've become worried that his action would draw the attention of either organized crime or law enforcement. Origins of several ransomware scams are organized criminal gangs, frequently belonging to Eastern Europe, states Sjouwerman. Networkworld.com reported this, June 1, 2015.

Sjouwerman further states that the malware creator was probably a talented code developer, however, not an expert Internet crook since such foul-up wouldn't ever have occurred in the case of organized cyber-criminals. Perhaps he was employed at a gang like these to develop codes from where he separated to begin an outfit of his own whose effect turned back on him, the CEO contends.

» SPAMfighter News - 6/10/2015