• Security experts exploited a vulnerability in the malicious code to decrypt victim’s files.
  • CryptoPokemon encrypts the victim's files using SHA256+AES128.

Victims of CryptoPokemon have a good reason to smile. A decryptor key for the nefarious ransomware is now available for free.

The big picture - Security experts have released a free decryptor tool for the ransomware after discovering a vulnerability in the malicious code. They exploited the flaw to decrypt the victim’s files.

“After CryptoPokemon was brought to our attention, Emsisoft security experts were able to find a flaw in the ransomware’s code and create a decrypter that allows you to decrypt your files without paying a cent,” the researchers wrote in a blog post.

About the CryptoPokemon ransomware - First discovered by IntezerLabs, CryptoPokemon encrypts the victim's files using SHA256+AES128. Once it finishes the process of encryption, it leaves a ransom note asking for a ransom of 0.02 Bitcoin in order to decrypt the files.

The note also contains an email address and a website where a victim can contact the attackers.

How does the decryptor work - In order to retrieve the encrypted files without any hassle, the victims are required to follow the steps listed below.

  • Make sure to remove the malware from the system first, otherwise it will repeatedly lock the system and encrypt files.
  • Download the decryptor key.
  • Run the executable and confirm the license agreement when asked.
  • Click ‘Start’ to decrypt files.
Cyware Publisher