BTCWare Ransomware Master Decryption Key has Been Made Public

During these trying times of Bitcoin ransomware, it is good to know some threats are nullified in the end. BTCWare, a lesser-known type of Bitcoin ransomware, can now be decrypted free of charge. For an unknown reason, the master key has been released to the public. This allowed researchers to reverse engineer the ransomware and ensure all BTCWare victims will not have to worry about paying the ransom.

BTCWare Is No longer A Threat

Given the mounting number of Bitcoin ransomware types, it can become quite difficult to keep track of things. BTCWare, a type of malicious software successfully making the rounds for some months now, can now be decrypted completely free of charge. An initial decryptor has been released for this malicious software earlier this month, but a finalized version is now available for everyone.

It remains unclear why the BTCWare developers suddenly decided to release the master decryption key, though. It is not the first time we see this type of behavior from criminals, even though their motives always remain a bit of a mystery. This new master decryption key released is no different in this regard, but that is of little concern to most people right now.

As we have seen in previous cases, the master decryption key suddenly found its way to the BleepingComputer forums. It appears criminals often release these keys on this forum in the hopes of it getting picked up quickly by security researchers to develop a decryption tool. It is unclear if the key was posted by the original BTCWare developer, though, but it is a possibility. Then again, this could also be an individual from a  competing ransomware group trying to take out the competition.

Contrary to what most people may think, BTCWare is a pretty active ransomware strain so far. It first started appearing in march of 2017, when it was still known as CrptXXX. It is not uncommon for ransomware types to undergo a re-brand after security researchers become aware of its existence. The updated version of this source code went by the name of BTCWare, although it was not the latest iteration of this malicious software by any means.

Even though BTCWare has been successfully making the rounds, it seems not much money has been made from it so far. With an average of ten infections per day, it is evident this malicious software was not as prevalent as the developers may have wanted it to be. Interestingly enough, two of the three existing BTCWare strains could be decrypted through a brute-forcing script, indicating the development of this tool was a bit of a half-assed job in the end.

It is good to know some types of ransomware will no longer pose a problem whatsoever. There are still hundreds of threats out there, though, and the fight is far from over. It doesn’t appear criminals will stop using ransomware and other types of malicious software anytime soon, though.  Making money remains their top priority, and there is no reason to fix something that isn’t broken.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.