[xxxmadraxxx]

Of course, the conspiracy theorist might say that it's a bit too convenient to suppose the hitherto extremely clever criminals helpfully and stupidly copied their private keys across to computers controlled by 'the feds'. A bit like those supposedly 'random' police stopping of vehicles which turn out to be full of drugs or explosives.

Maybe public/private key pairs aren't as secure as we've been lead to believe.

[sillysaurus3]

RSA-2048 is fundamentally broken, only they know about the flaw, and rather than exploit that advantage in any of the innumerable ways it could be advantageous, they decided to make a web service?

[MasterScrat]

Or maybe they got their hands on the keys some other way they're not willing to disclose.

[enneff]

It is likely that they were able to compromise the bad guys' systems and steal the private keys, which in itself is against the law.

[obitoo]

Technically yes, but in practice only if the bad guys file charges and/or assist the authorities with evidence, ie their machines.

[a2tech]

Or maybe FoxIT was behind cryptolocker all along and once the ransom money stopped pouring in they released their database to look like good guys..tinfoil hat

[runeks]

That would be interesting. Especially the discussion of whether this is morally acceptable (ie. doing illegal things to obtain the private keys from the malware designers).