View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
September 5, 2014

CryptoLocker decryption service surprisingly popular in UK

US still accounts for more than half of key requests from FireEye and Fox-IT.

By Jimmy Nicholls

A decryption service for the CryptoLocker ransomware has seen a disproportionately high uptake among British victims, according to security firms Fox-IT and FireEye.

546 victims contacted DecryptCryptoLocker to have their files unlocked, after criminals accidently gave the keys to the security firms, who decided to supply them to victims free of charge.

Joost Bijl, international sales director at Fox-IT, said: "An interesting fact is that in the UK, relatively more victims have requested their keys than in the US – more than in all other large countries to be precise.

"Only some very small countries with a handful of infections showed greater ratios, which can be attributed to too low statistical sample sizes."

Only 2,900 victims worldwide got in touch with the service to free their files from the grip of the ransomware, which is thought to have collected more than $27m in ransom payments in the first two months of operation.

Since the virus was taken down along with the GameOver Zeus botnet by international police, it has been replaced by other variants, most prominently CryptoWall.

Bijl added that the security firms had been asked whether they could provide keys to some of the other ransomware strains, but said it was "unlikely" they would be able to tackle such viruses anytime soon.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

A support manager from an IT service provider told FireEye: "This is amazing. We had a client that got hit with this and ‘lost’ 17 years worth of data. I opted to keep the files and told them if there was ever a way to fix this, we’d have the data. I honestly never expected to recover the data."

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.