Although recently there haven’t been incidents of high-profile ransomware like the Wannacry and NotPetya outbreaks, this year, the increase in variants of GandCrab and SamSam demonstrates that the ransomware threat continues to be very active and highly adaptable.
It is believed that malware to block files with GandCrab has infected over half a million victims since it was first detected in January 2018.
With cyber criminals experimenting with self-propagating tactics that are increasingly sophisticated and technical, ransomware could have been a highly profitable option for them, if it were not for the fact that decryption tools No More Ransom prevented some 22 million US dollars making its way into their pockets.
Launched in July 2016, the online portal No More Ransom is now available in 35 different languages and contains 59 free deciphering tools, which cover some 91 typologies of ransomware.
More recently, the Romanian police force, Europol and Bitdefender, published a universal deciphering tool for the aggressive blocking of files by malwareGandCrab. This tool has allowed for the recovery of encrypted files, until now, of over 4,400 victims from over 150 countries, with several hundreds of thousands of victims who may need help.
There are already over 129 members, the latest: Bleeping Computer, Cisco and ESET are new associated members of No MoreRansom, while Microsoft, Symantec, Coveware and Northwind Data Recovery joined a support unit.
Cyprus, Estonia, Scotland and Sweden also joined during the course of last year, which meant that 41 organisms are now involved in law enforcement.
To date, the tools provided by No MoreRansom have managed to decrypt the infected computers of over 72,000 victims worldwide, but there are still many more victims that need help.
The best remedy for ransomware continues to be diligent prevention. Users are recommended to:
- Always have copies of the most important files in a different place: on the cloud, in another unit, in a memory or on another computer.
• Use reliable and up-to-date antivirus programmes.
• Not to download programmes from suspicious sources.
• Not to open files from emails from unknown senders, even if they are thought to be important and credible.
• And if you are victims, never pay the ransom!