I’ll show you where to find the keys to decrypt your data!
The toolkit EDA2 was originally created to demonstrate how ransomware works. When creating common ransomware, this toolkit can be used as a base.
The author of the toolkit, Utku Sen, implemented a backdoor in his code to prevent abuse.
The developers used EDA2 as a base for the extortion software, and implemented unwittingly a mechanism which makes their own malicious code harmless; the developers of the ransomware did not know about this hidden vulnerability.
Many versions of common ransomware can be decrypted using the following published keys.
A list of the published decryption keys can be found here:
In the first release of this article I wrote that this toolkit was used as basis for the ransomware Locky. This statement was based on the article by theregister.co.uk.
This statement was revoked by theregister.co.uk:
These codes are no decryption codes for Locky, but decryption codes for another new ransomware.