New
#1
Good to see the IT/police community ganging up on the sods.
I have wondered, though, how anyone can produce keys when the encryption used is supposed to be virtually uncrackable?
A scheme which enables victims of ransomware to decrypt their files and data for free is now offering even more decryption tools thanks to new partners pledging to help take the fight to cybercriminals.
Launched by Europol, the Dutch National Police, Intel Security, and Kaspersky Lab in July this year, the No More Ransom initiative provides keys to unlocking encrypted files, as well as information on how to avoid getting infected in the first place.
The website initially launched with four tools for unlocking different types of ransomware, including the notorious CryptXXX. During its first two months, No More Ransom helped 2,500 people rescue their data, depriving cybercriminals of more than €1.35 million in ransom.
To date, the scheme has so far helped nearly 6,000 people decrypt devices locked by the likes of MarsJoke, Teslacrypt and Wildfire without needing to pay criminals for the privilege.
Now thirty new partners are joining the scheme, offering new possibilities to the victims of ransomware with a decryption tools for a wider array of the different variants of the malicious file-locking software...
Read more: Hit by ransomware? No More Ransom portal adds 32 more free decryption tools to help you | ZDNet
Good to see the IT/police community ganging up on the sods.
I have wondered, though, how anyone can produce keys when the encryption used is supposed to be virtually uncrackable?
Probably bugs in ransom-ware itself like encryption key hard-coded in or can be found in config file somewhere. Or some bug with encryption engine. Lucky if ransom-ware developers are lazy and make mistakes but they may get fixed in next release so still there is good chance that it would not work.