Malware, Network Security, Ransomware

Bitdefender introduces ransomware recognition tool and BTCWare decryptor

Bitdefender on Tuesday unveiled two new free tools to fight ransomware: one that helps identify which malware family has infected a particular device, and one that decrypts BTCWare ransomware.

The first tool, hosted on the Bitdefender cloud, analyzes the ransom note and encrypted file samples found on a victimized machine in order to classify the family and subversion of ransomware that's responsible for an attack. When possible, the tool will also recommend a decryption tool to mitigate the infection. When unable to narrow down the culprit to just one malware program, the tool will list all of the possible ransomwares, with a percentage of confidence next to each one.

The decryptor tool, meanwhile, is designed to neutralize BTCWare ransomware, which was discovered in March 2017. According to Bitdefender, the ransomware uses three different cyphers to encrypt data, and appends nine different extensions to affected files.

In a Bitdefender Labs blog post, the company explains that in order to build its tool, "we used leaked private keys that can decrypt almost all versions of the malware (v1, v2 and v3 ), as well as the .master extension in version 4 of the malware. We are also working to add some optimized brute-forcing technologies to cover the instances in which the leaked keys don't work."

The tool also performs a test on five random files before decrypting the rest of the machine's contents, in order to ensure that it won't cause further file damage. Decryption may not work in some cases, Bitdefender warns.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.