Friday, 25 October 2013

Easiest way to Pay in Bitcoin for Cryptolocker Virus in the UK

First of all it should be clear that if you have been infected by the Cryptolocker Virus you are being scammed and you should try to avoid paying the ransom. That said the encrypted files cannot be decrypted without paying cleverly leaving some people with no choice. This is a guide for those left without a choice who wish to pay the ransom using Bitcoins.

Beware it is always possible that paying the ransom may not work - this is very rare, but if it happens the payment cannot be reversed and your files will be lost. In other cases 99% of files are recovered but a handful get corrupted.

All victims should call action fraud on 0300 123 2040. If the bitcoin payment is not done before the time runs out you will not recover your encrypted files.

I should also disclose that I am one of the operators of Quickbitcoin.


What do you need before following this tutorial?
  • online banking (or another way to make a bank transfer e.g. telephone banking or in branch)
  • an infected computer with files you need to decrypt
  • Ideally plenty of time left on the timer - over 6 hours is safest, although it may work with around 1 hour if us folks at Quickbitcoin are online.
Most of you will be presented with a screen similar to this:


Click next and you will get this screen:

Choose Bitcoin from the dropdown. You will be asked to send 2BTC (bitcoins) to an address in the following format:

  • 14sYqe98iFnbav4LS1JCDAQkLgWEtUNQGm

Make sure you use the address you have been asked to send to. The address above is not the one you should send to. Please do not purchase bitcoins to be sent directly to the fraudsters Quickbitcoin will have no way of knowing if they are sending coins after the deadline has past and there would be no way of recovering the payment.

The first thing you need to do is set up a bitcoin wallet. Go to: https://blockchain.info/wallet/new and register an account. Once you have logged into your account there should be a wallet address displayed on your account page:

The long code is the address of your new bitcoin wallet. You now need to purchase 2 Bitcoins so you can send them to the fraudsters. Keep this page open as you will need to return to it later in the process. Also be aware that if you lose your password there is no way to recover it.


Go to https://quickbitcoin.co.uk/ - They will sell you bitcoins in return for a UK bank transfer.

In the field saying 'Your wallet address' enter the bitcoin address you just set up.


On the next page you need to fill in your details. This includes name, email, account number and sort code. The bank details are required in case something goes wrong and Quickbitcoins need to refund you. Once you have filled that out you will be presented with the confirmation screen below:


Click Confirm and the next screen instructs you to make the payment through your online banking


You should now log into your online banking (or call telephone banking, or go into a branch) and make the payment as detailed in the instructions page. My example reference here is QGNUODJ - please make sure you use your own as presented on the website else the process can be delayed.

Once you have made the payment click Payment Sent and the order will change to 'processing'.


Quickbitcoin operates in both London and Vancouver time zones. This means that normally between the hours of 9am and 2am UK time the transaction will be processed within 10 minutes. It is possible however for them to take up to 6 hours. If you buy bitcoins through Quickbitcoin and you miss the deadline they are happy to refund the payment as long as you can return the bitcoins. Refunds normally take 24h to process.


Once Quickbitcoin have sent you the bitcoins you should receive an email with a link to the transaction ID to show they have paid you. This is the same type of ID (but a different one) to the ID you need to send to Cryptolocker. Now that you have the bitcoins you should make a payment from your blockchain.info wallet to the address Cryptolocker is asking you to pay to. If you are unable to send you may need to wait a little for another confirmation (approx 10 minutes / confirmation).

Go back to the blockchain.info wallet you set up earlier and make a payment:



In the 'To' field enter the wallet address Cryptolocker asked you to pay to. This can be found on the window shown by the virus.

Once you have sent the payment search for their address in the search box in the top right corner of blockchain.info:


This will take you to a page like the following:

Under the 'Transactions' area you should see a single transaction. On the left it shows the wallet it came from (your wallet), and on the right the wallet it went to (Cryptolocker waller). Above that is a long ID. This is the transaction ID:


Remember to get your transaction ID, not just the one I've shown above.

Most of the time you will only see one transaction. If multiple transactions are shown then you need to use the one which was paid from your blockchain wallet to the address Cryptolocker provided and use the ID from that transaction. Just search through the transactions for your wallet address and it should match up.

Now all you have to do is enter that transaction ID into the Cryptolocker virus window. Once you do that you will be informed that the transaction is pending manual confirmation from the hackers. During this time the timer will stop and a few hours later you files should start being decrypted.


I really hope this tutorial has been helpful to you and that you managed to recover your files. This virus has given a lot of people very bad introduction to Bitcoin which is a great new technology. To date, and to my knowledge, there are now 2 london pubs accepting bitcoin as well as a range of online shops. Bitcoin as a currency has the advantage over traditional currencies that the banks are unable to levy charges on it. I won't cover all the advantages here, but I hope the experience with the virus has not put you off completely. After all, we've all been ripped off in £ and $ before and yet continue to use them.

If you have any questions and need help please leave a comment below, or email Quickbitcoin at info@quickbitcoin.co.uk

Tuesday, 22 October 2013

How to play .m3u8 video files

.m3u8 files are effectively playlists for video content designed to be played on a mobile device. They also allow seamless switching between high and low resolution video files for when your 3G connection speed varies.

The easiest way to play m3u8 files is to open them on a browser on your iphone or android device. It is also possible to play them through safari using the following html:

<html>
  <video src="http://yourserver.com/playlist.m3u8"></video>
</html>

Either way you have to serve the video over http using a web server. You cannot simply drag it into your browser.

Thursday, 17 October 2013

Why password security requirements hand the advantage to the hackers!

Most of you will have come across a variation of this message at one point in your life:

"The password you entered doesn't meet the minimum security requirements."

Every 3 months the security policy on my work email forces me to change my password. This is understandable, but it can't be the same password as any previous passwords you have had, it has to have 8 characters or more including lower case, upper case, punctuation and at least 2 numbers

A simple password to remember could be:
'the cat walked down the road and sat down'
This is a 41 character password which would take hackers years and year to break even though it is so simple for the human mind to remember.

Of course this would not pass the security policy so this needs to be changed to:
'The cat walked d0wn the r0ad and sat down!'
This is now impossible to remember so the user has two choices:

Either write the password down somewhere totally insecure.
Or make an easier password:
'passw0rd1!'

This password is only 9 characters and passes the security policy tests without a problem. That said according to https://howsecureismypassword.net/ it would take 344 days to break this password whereas the 41 character password would take 479,245,873,413,199,200,000,000,000,000,000,000,000,000,000,000,000 years

Obviously I have no idea how to say that number out loud but it's billions of times more secure.

This is a cry for help to all systems administrators: Get rid of these ridiculous security policies. If you require a certain length password that is fine, but the rest of the policies at utter nonsense.

Please share this post if password policies have **** *** *** (annoyed you).