Kaspersky, police fighting ransomware with freely downloadable tool


No good can come out of your computer being infected by malware, but there are varying levels of bad. Having your data held hostage by an anonymous hacker unless you pay an exorbitant fee? That scores pretty high on the bad scale.

The term for this type of malware is ransomware, and currently CoinVault is the most notorious example. Usually installed by way of a compromised website or a phishing email, CoinVault goes a step further than other ransomware and actually shows its victims a list of files and even decrypts one for free, like sending out a hostage in a standoff.

It may sound like the only hope is to pay up and hope you get your files back, but Kaspersky Lab and the National High Tech Crime Unit (NHTCU) of the Dutch police are fighting back. The NHTCU recently acquired a database of CoinVault keys, and Kaspersky has used this database to build a tool to generate CoinVault decryption keys, according to PCWorld.

The tool, simply called “Ransomware Decryptor” is freely downloadable from Kaspersky. While it isn’t 100 percent effective, police are hoping to obtain new keys as the investigation into CoinVault continues. It is hoped that this will help to improve the software, said Kaspersky researcher Jornt van der Wiel.

CoinVault has been infecting Windows computers since November of last year, and while the investigation into those behind it is advancing, computer users are still regularly having their data held hostage by the malware. Police are encouraging those hit by ransomware to contact them, as individual reports have led to the discovery of keys, and even to a lead on a suspect.

If you have friends or relatives who don’t know the dangers of clicking links in strange emails (and don’t we all?), it’s probably worth downloading the tool from Kaspersky and keeping it on hand, just in case.