How CoinVault or Bitcryptor victims could try to recover their files

In May 2014, the investigators detected numerous attacks based on the  CoinVault ransomware that infected more than 1,500 victims in more than 108 countries.

In April 2015,  the Dutch Public Prosecution Service extracted a set of CoinVault Decryption keys from a database present on a seized command and control server.

The tool included a set of around 750 decryption keys recovered from CoinVault servers hosted in the Netherlands.

In response to the action of the law enforcement, the authors of CoinVault updated their code and released a new version dubbed Bitcryptor.

Now the law enforcement could rely on additional 14,031 decryption keys obtained last month by the Dutch authorities following the arrest of two men in connection with CoinVault and Bitcryptor ransomware attacks.

1. Step 1: If you are infected with CoinVault, just note down the Bitcoin wallet address mentioned by the malware on the screen.
2. Step 2: Get the encrypted file list from ransomware interface.
3. Step 3: Download an effective antivirus and remove CoinVault Ransomware first.
4. Step 4: Open https://noransom.kaspersky.com and download the decryption tool released by Kaspersky Labs.
5. Step 5: Install additional libraries and Decrypt your files.

In order to protect your computer from malware:

• Ensure your system software and antivirus definitions are up-to-date.
• Avoid visits suspicious websites.
• Regularly backup your important files to a separate drive or storage that are only temporarily connected.
• Be on high alert for pop-ups, spam, and unexpected email attachments.