Victims of Cryakl ransomware are now able to get their files back without paying a ransom to cybercriminals, after the decryption key was released for free as part of the No More Ransom initiative.
Launched by Europol in 2016, the scheme brings law enforcement and private industry together in the fight against cybercrime and has helped thousands of ransomware victims retrieve their encrypted files without lining the pockets of crooks.
Cryakl has been active since September 2015 and, like other forms of ransomware, it searches an infected system for files, encrypts them, then demands payment for providing the key needed to retrieve the files. It also threatens to delete the encrypted files if payment isn't received within a week.
The ransomware is most prolific in Russia, but Cryakl has claimed victims across Europe. Kaspersky Lab told ZDNet there has been over 2,000 infections in Italy, over 2,000 in Germany, over 1,000 in Spain and hundreds across the UK, Belgium, France, Poland, and Austria.
Decryption tools for Cryakl ransomware have been added to the No More Ransom portal following work by the Belgian National Police and Kaspersky Lab as part of an ongoing investigation.
After discovering Belgian citizens had fallen victim to Cryakl, an investigation by the Belgian Federal Computer Crime Unit was able to locate the command-and-control server in Germany.
Belgian authorities were able to seize this as well as other servers involved with the distribution of ransomware, then obtain the decryption keys with the aid of forensic analysts and input from Kaspersky Lab.
The investigation is still ongoing, but now victims of Cryakl can regain access to their encrypted files without having to pay criminals.
"Cybersecurity experts work worldwide to help the victims, creating new, previously non-existent tools for decryption," said Jornt van der Wiel, security researcher in the global research and analysis team at Kaspersky Lab.
The Belgium National Police's role in helping to decrypt Cryakl has seen it promoted to become an associate partner in the scheme -- the second law enforcement body to do so after founding member the Dutch National Police.
Europol has also announced new partners for No More Ransom: the Cypriot and Estonian police are the most recent law enforcements agencies to join, while KPN, Telenor, and the College of Professionals in Information and Computing (CPIC) have joined as new private sector partners.
"We are of course happy that the platform keeps growing and that new partners keep joining. We have always been convinced that public private partnership is crucial in the fight against ransomware, and cybercrime in general," a Europol spokesperson told ZDNet.
Since the launch of No More Ransom, the portal has received over 1.6 million visitors from a total of 180 countries. The website is available in 29 languages, with Estonian the most recent addition.