New CryptoTorLocker2015 Ransomware discovered and easily decrypted

upload a zip file with a encrypted file and ur ransom note, and email it to decryptorbit@outlook.com with the subject "cryptotorlocker 2015" and ill take a look. You prob. Were infected with a different variant.

Hi Lawrence,

I've just been hit with the CryptoLocker virus (strain unknown, I'm not IT proficient, can't figure out how to paste screenshot of virus warning, sorry!)

I also finally clicked on their ransom website (only got an apparent 69hrs left to pay $640AUD/3bitcoins - don't have that disposable cash but desperately need my work files back..I work from home).

I've tried to initiate Nathan's Decrypter app (thanks so much!) but I'm unable to go further with it. Does this mean my viral strain is not the new CryptoTorLocker2015 or I'm doing something simply wrong? I've downloaded & uncompressed the zip file and when I try to open/start it, nothing happens and I'm unsure what to do next.

I also tried various files on the FireEye decryptor but that too doesn't work, assumably it's for the original strain. Message warns that my files aren't affected.

Any ideas?

Would appreciate any help you can provide. Am desperately running out of time and eating into my work time!

upload a zip file with a encrypted file and ur ransom note, and email it to decryptorbit@outlook.com with the subject "cryptotorlocker 2015" and ill take a look. You prob. Were infected with a different variant.

Gee that was quick! Thanks so much Nathan, am doing it now.

minimel,

640 sounds like torrent locker (also named crypto locker), please search for torrentlocker on this site for more info.

What Causes this in the first place? 

Hello Nathan,

I've also infected with this crypto locker... where can I send my sample infected files?

Thanks again Nathan for all your help, really appreciate it, and how quickly you responded

Will start reading up on torrentlocker now and see what I can find..

Cheers

Hi this is what I get when I tried to unzip it 

Do you know whether, if you DO end up paying the ransom, that there's a time limit on the decryption key?

Does it take long to decrypt, given of course the amt and size of files.

I'm getting desperate now as I don't want to risk not finding a solution AND having the ransom double, seeing as it's nearly the weekend and financial transactions may not be 'received' in time.

Hello Nathan,

 

I've also infected with this crypto locker... where can I send my sample infected files?

upload a zip file with a encrypted file and ur ransom note, and email it to decryptorbit@outlook.com with the subject "cryptotorlocker 2015" and ill take a look. 

trucker, u have to disable ur Av temporarily.

ok tried it will not work for me $hit

So I have had over 12 people email me saying that the decrypter wont work or asking me to decrypt files. This is ONLY for CryptoTorLocker 2015, which currently isn't active really. This will not work for CTB Locker, or torrentlocker which is the infections everyone has been emailing me about

Hi all!

I have used the decrypter in a small folder but it doesn´t work.

The message I get  in the end is Ø files decrypted. This folder contains  about ten files encrypted.

It´s  good news  that someone is working for a solution.

Nathan, I send you an email with all you said

Best regards... and Good luck, Andrés 

Edited by Andres Pedreno, 12 February 2015 - 04:05 AM.

Thanks Nathan Um i shall keep this decryptor when i need it but yeah