- Security experts exploited a vulnerability in the malicious code to decrypt victim’s files.
- CryptoPokemon encrypts the victim's files using SHA256+AES128.
Victims of CryptoPokemon have a good reason to smile. A decryptor key for the nefarious ransomware is now available for free.
The big picture - Security experts have released a free decryptor tool for the ransomware after discovering a vulnerability in the malicious code. They exploited the flaw to decrypt the victim’s files.
“After CryptoPokemon was brought to our attention, Emsisoft security experts were able to find a flaw in the ransomware’s code and create a decrypter that allows you to decrypt your files without paying a cent,” the researchers wrote in a blog post.
About the CryptoPokemon ransomware - First discovered by IntezerLabs, CryptoPokemon encrypts the victim's files using SHA256+AES128. Once it finishes the process of encryption, it leaves a ransom note asking for a ransom of 0.02 Bitcoin in order to decrypt the files.
The note also contains an email address and a website where a victim can contact the attackers.
How does the decryptor work - In order to retrieve the encrypted files without any hassle, the victims are required to follow the steps listed below.
- Make sure to remove the malware from the system first, otherwise it will repeatedly lock the system and encrypt files.
- Download the decryptor key.
- Run the executable and confirm the license agreement when asked.
- Click ‘Start’ to decrypt files.