Anyone who has caught the LockerGoga blackmail trojan on Windows can now decrypt their data without paying a ransom.
Developers from anti-virus software maker Bitdefender have released a free decryption tool for data captured by LockerGoga ransomware.
BDLockerGogaDecryptTool is now available for download. Instructions are available as a PDF. The malware targets files of all kinds under Windows and encrypts them. The attackers only want to hand over the key for the files when the victims pay a ransom.
Decryption tools developed by security researchers for other encryption Trojans have appeared in the past. Developers often target vulnerabilities in the ransomware code. The background to the development in this case is not yet known.
Since the masterminds behind LockerGoga were arrested in late 2021, Bitdefender may have had access to the criminals’ private keys. The tool is said to have been created in cooperation with Europol and the Zurich cantonal police, among others.
After starting the tool, Bitdefender recommends activating the “Backup files” option. If something goes wrong with the encryption, the encrypted data is still available. In addition to the entire hard drive, the tool can also search for encrypted files with the “.locked” extension in selected folders.
In order for the decryption to work, the computer must be connected to the Internet and the ransom message must be in the selected path. If this is the case, the process begins with a click on “Start now”. If you want, you can also run the tool from the command line.