The term for this type of malware is ransomware, and currently CoinVault is the most notorious example. Usually installed by way of a compromised website or a phishing email, CoinVault goes a step further than other ransomware and actually shows its victims a list of files and even decrypts one for free, like sending out a hostage in a standoff.
It may sound like the only hope is to pay up and hope you get your files back, but Kaspersky Lab and the National High Tech Crime Unit (NHTCU) of the Dutch police are fighting back. The NHTCU recently acquired a database of CoinVault keys, and Kaspersky has used this database to build a tool to generate CoinVault decryption keys, according to PCWorld.
The tool, simply called “Ransomware Decryptor” is freely downloadable from Kaspersky. While it isn’t 100 percent effective, police are hoping to obtain new keys as the investigation into CoinVault continues. It is hoped that this will help to improve the software, said Kaspersky researcher Jornt van der Wiel.
CoinVault has been infecting Windows computers since November of last year, and while the investigation into those behind it is advancing, computer users are still regularly having their data held hostage by the malware. Police are encouraging those hit by ransomware to contact them, as individual reports have led to the discovery of keys, and even to a lead on a suspect.
If you have friends or relatives who don’t know the dangers of clicking links in strange emails (and don’t we all?), it’s probably worth downloading the tool from Kaspersky and keeping it on hand, just in case.
Editors' Recommendations
- Ransomware gangs are evolving in new and dangerous ways
- Garmin confirms ransomware cyberattack shut down services
