This initiative wants to help ransomware victims decrypt their files for free

Europol, Dutch Police, Intel Security, and Kaspersky Lab have teamed up to launch the 'No More Ransom' scheme, in an effort to fight the threat of extortion by hackers.
Written by Danny Palmer, Senior Writer

Infected by ransomware? Now you might not need to pay criminals the fee they want. (Image: iStock)

It's easy for those infected with ransomware to believe that it's game over, and the only way they're going to get their data back is to give in to cybercriminals' demands and hand over a fee.

With ransomware increasingly targeting corporate networks as well as consumer machines, there's even more scope for hackers who don't get the ransom they desire to do huge amounts of damage by deleting vital files.

But now law enforcement agencies and security firms have teamed up to launch a scheme designed to help ransomware victims retrieve their data without succumbing to the will of cyber extortionists.

The "No More Ransom" initiative sees Europol, the Dutch National Police, Intel Security, and Kaspersky Lab join forces to create a portal that provides keys to unlocking encrypted files, as well as information on how to avoid getting infected in the first place.

At launch, NoMoreRansom.org contains four tools for unlocking different types of ransomware, including the notorious CryptXXX, which not only encrypts files on the infected PC but also attacks any files on connected storage devices, steals cryptocurrency wallet funds, and may send sensitive data to cyberattackers, putting victims at further risk of hacking.

The partnership has also released a decryption tool for the Shade malware, which was built after authorities seized the command and control centre used to store keys for the ransomware. These keys were shared with Kaspersky Lab and Intel Security, which worked together to develop over 160,000 keys that can be used by Shade victims to retrieve data without paying a ransom to cybercriminals.

According to Europol, the European Union's law enforcement agency, it's this sort of success that demonstrates why it's important for private security firms and government enforcement agencies to work together.

"For a few years now, ransomware has become a dominant concern for EU law enforcement. It is a problem affecting citizens and business alike, computers, and mobile devices, with criminals developing more sophisticated techniques to cause the highest impact on the victim's data," said Wil van Gemert, Europol's deputy director of operations.

"Initiatives like the No More Ransom project show that linking expertise and joining forces is the way to go in the successful fight against cybercrime. We expect to help many people to recover control over their files, while raising awareness and educating the population on how to maintain their devices clean from malware," he added.

The No More Ransom website is set to be continually updated with more information about threats, and other security firms are encouraged to contribute advice or tools that can help victims of ransomware.

In total, No More Ransom currently provides decryption tools for the Shade, Coinvault, Rannoh, and Rakhn families of ransomware.

The website also noted that "not every type of ransomware has a solution", but even if there's no way of retrieving files without paying, the authorities and security firms advise victims not to give in -- because not only does it encourage cybercriminals by showing them that ransomware works, but there's no guarantee they'll release the files after receiving the ransom.


Editorial standards