If you thought the threat actors behind ransomware are heartless criminals, think again. The person who made the AstraLocker ransomware virus had a change of heart and shut down the malware. They even gave the decryption keys to Virus Total.
The news comes from a Blooming Computer report after the AstraLocker developer contacted them. The developer told Bleeping Computer that it’s fun to run AstraLocker, but it was time to shut it down. See? They are not all bad.
AstraLocker was a malicious virus that has returned to normal antiviral protections exploding the victim’s computer with a full virus load directly from a Word document. This tricked the antivirus into thinking it was a normal operation. To get around sandboxing, the virus was checked to see if it was running on a virtual machine and would kill processes if it were, allowing it into the actual computer.
Once on board the machine, it would do what all the lockers do: encrypt the hard drive and force the victim to pay money to unlock it. It was the computer version of smash-and-grab.
AstraLocker was a lesser known virus until the developer released version 2.0 earlier this year. Then several websites started report on itand police began to be interested in the virus. Although we here at Digital Trends like to think that the developer of the virus was simply a misunderstood person who had a change of heart, some suggest that it was the growing attention of federal agencies that motivated the shutdown.
Anyone who has their files locked with AstraLocker malware can contact Virus Total for the decryption keys. VirusTotal is a free collaboration between more than 70 antivirus and computer spy companies. It serves as a kind of knowledge database of all the computer viruses we know about, and they explore ways to combat them.
The AstraLocker developer kindly dropped the decryption keys into a ZIP file with VirusTotal before running away. Now that the anonymous programmer had shown himself to be a kind and compassionate member of the human family, they had promised to change their ways.
“I’m done with ransomware,” the developer told Bleeping Computer. “I’m switching to cryptojacking.”