Files encrypted by LockCrypt ransomware can be decrypted

About a year ago, LockCrypt ransomware spread via the RDP protocol, using a dictionary attack to "break" security in the form of login and password. We now know that encrypted data can be decrypted, or at least it is possible for companies that have left files for better times, hoping that in the near future someone will find a way to restore data to the state it was in before the encryption.

LockCrypt Ransomware had several versions, hence some extensions to encrypted files are added. And yes:

  • The files with the .lock, .2018 and .mich tips supposedly can be decrypted, but the official software does not exist. Victims who have kept a backup of encrypted files can contact us for help.
  • At the moment, files with the .bi_d extension can not be decrypted.
  • Files with the .1btc tip can be decrypted for free with the official Bitdefender LockCrypt Decryptor software.

Bitdefender LockCrypt Decryptor

Ransomware does not choose, so as a victim of an attack, regardless of whether you run a small family business or quite a profitable business, you've probably come across messages that pretend to be couriers, mail, banks or law firms. It is possible that most of these infected attachments could be stopped by traditional protection methods, but you never know until the end. If you are reading this short article and you do not have a backup of very important files yet, do not wait for the last minute. Ransomware does not choose.



Add new comment

The content of this field is kept private and will not be shown publicly.

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.