Kaspersky releases CoinVault Decryptor

By on
Kaspersky releases CoinVault Decryptor

Kaspersky Labs has released CoinVault Decryptor, a free tool which may help victims of the CoinVault ransomware to decrypt their files.

The program works by using a set of decryption keys recovered by the Danish police. Unfortunately it isn’t a full set, and so the Decryptor won’t work for everyone.

To try the process you’ll need the Bitcoin wallet address where the malware was requesting payment, and ideally the list of encrypted files. Both are available from CoinVault’s initial alert screen.

CoinVault Decryptor

If Kaspersky has your CoinVault decryption keys – if – then file recovery is very easy

Enter the malware’s Bitcoin address at noransom.kaspersky.com, and if your decryption keys are on the list then one or more key/ IV pairs will be displayed.

If you have a single key/ IV pair then the decryption process is relatively simple: point the app at your file list, enter the IV and key, click Start and wait.

If there are multiple keys/ IVs then Kaspersky recommends being careful, as it’s not yet clear which one – if any – is correct. Essentially you’ll need to try each pair in turn until you find one that works, then repeat the process for your other files.

CoinVault Decryptor is available now, and if you need more help then there’s a PDF manual here.

This article originally appeared at softwarecrew.co.uk

Copyright Software Crew
Tags:

Most Read Articles

You must be a registered member of Business IT to post a comment.
| Register

Poll

What would you like to see more of on BiT?
News
Reviews
Features
How To's
Lollies
Photo Galleries
Videos
Opinion
View poll archive

Log In

Username / Email:
Password:
  |  Forgot your password?