This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

CTB LOCKER ENCRYPTION KEY

0

Hello all. New to this program. In my research dealing with this infection, I've read that Wireshark can sometimes be used to pull the decryption key. I need to decrypt files locked by this. Can anyone tell me how to go about trying this? Thanks

asked 14 Jul '15, 11:26

Raven's gravatar image

Raven
6112
accept rate: 0%


One Answer:

0

I would just wipe your computer and restore your files from backup. New ransomware has encrypted communications, and the decrypt keys reside on the attacker's server, only to be sent if paid.

answered 15 Jul '15, 12:00

zer0day's gravatar image

zer0day
217811
accept rate: 60%