.locked extension ransomware decryption keys

Security researcher Utku Sen, has released decryption keys for ransomware which encypts file with .locked extension.

Latest ransomware which was released last week encrypts users’ files using AES encryption, appends the .LOCKED extension to all files, and demands that victims pay a fee of 0.5 BTC (approximately US $210) in exchange for the decryption key, which is standard price for a ransomware.

After release of this ransomware, in a day the malware was capable of infecting 700 users where 3 users paid the ransome to the attacker. In early days this ransomware was named as “Magic” which was developed as file encrypting project named as “EDA2”.

Eda2 abandoned

Developer utku sen had intentionally kept backdoor in this project to check potential abuse of his code. It is this backdoor access Sen leveraged in this particular case to obtain a list of decryption keys, you can check the list with computer name with decryption keys which is available here.

Decryption keys

We should thank Utku Sen for helping the hundreds of users affected by this ransomware.

Manish Dangol

Leave a Reply

Your email address will not be published. Required fields are marked *