Brief post today because something caught my eye. A few news outlets are reporting that the creators of CryptoLocker have (out of the goodness of their hearts, no doubt) created a way for people to decrypt their files after the 72-hour window has passed.
The catch? They want 10 BTC, which works out to about $2000 at current exchange rates.
The process is a bit intriguing to security experts for another reason, though. To retrieve the private key needed for decryption, you have to visit a Tor site and upload one of your encrypted files. The page then says that it will "search" for your private key and that it may take "up to 24 hours" for the search to complete.
Some are now speculating that, on the other side, the CryptoLocker server is actually brute-forcing its own encryption and then sending the private key back to the victim. Whether this is actually the case is unclear, but it could have some interesting implications.
As always, a stark reminder to keep regular backups.