The success of ransomware means the number of cybercriminals looking to cash in on the file-encrypting malware appears to be ever increasing, whether they build it themselves or buy it from distributors in underground online marketplaces.
In order to help victims, Bitdefender has released a free software suite that identifies which family and sub-version of ransomware has locked the victim's data and leads them to the appropriate decryption tool, if it exists.
The Bitdefender Ransomware Recognition Tool analyses the ransom note and the encrypted file samples to identify the strain of ransomware and suggest a decryption tool based on indicators of confidence. If the ransomware has an associated decryption tool, the platform provides a link to it in order to allow the victim to retrieve the files for free.
"Ransomware has become one of the most prolific criminal businesses to date. The immediate payoff and the huge amounts of money have made ransomware a very common occurrence," Bogdan Botezatu, senior e-threat analyst at Bitdefender, told ZDNet.
"Our new tool aims at helping as many people get back their data without paying for the ransom in order to minimise the impact on the user, as well as to minimise the profitability of such businesses."
While also involved with No More Ransom -- the collaborative partnership involving law enforcement and cybersecurity firms coming together to provide a decryption tool portal for ransomware families -- Bitdefender wants to reduce the number of steps victims need to take before getting their hands on a decryption tool.
"Bitdefender Ransomware Recognition wants to be a standalone tool that does the identification and then automatically downloads the proper decryption tool, if one is available. We plan to release more decryption utilities in the near future in order to cover all potentially decryptable infection case," said Botezatu.