To date, the website No More Ransom providing ransomware decryption has helped over 6 million victims to recover their files, and has kept nearly 1 billion euros out of the hands of cybercriminals, as it has announced in a recent press release.
Launched five years ago, No More Ransom is supported by cooperation between the European Cybercrime Centre and various cybersecurity companies such as Kaspersky, McAfee, Barracuda and AWS. Its aim is to prevent victims from paying money that will then help to create even more ransomware attacks, according to Europol.
No More Ransom lists decryption programs so that victims of ransomware don’t have to pay to recover their data, thus preventing the hackers from receiving the money. For this reason they insist that ransom amounts must not be paid since, in any case, there is no guarantee that victims will be given the decryption key they need.
The group directs victims to their Crypto Sheriff tool. There the victims can introduce the URL (Internet address) of Bitcoin given by the hackers so that the ransom can be paid. The tool searches in the No More Ransom database, where the offers listed have grown from the four initial descriptors from 2016 to the present list of 121 tools proposed for decrypting some 152 families of ransomware. According to the group, the service is free and is available in 37 languages.
If there is no decryption tool available for a specific ransomware virus, users are advised to continue to check the list, since No More Ransom regularly adds new descriptors.
Keeping regular security copies continues to be the best way to protect your data from a ransomware attack, according to Europol. The agency also advises users to pay attention to the links on which they click and to update their security software.
Victims are, in fact, increasingly reluctant to pay the ransom demands. A survey by Threatpost in June found that 80% of those surveyed who had been the subject of ransomware attacks had refused to pay for a descriptor that could very well never materialise.
No More Ransom provides a reply to the increasing number of cybercrime companies, which seem to inject large sums of money into the ransomware ecosystem. During the first half of 2020, such attacks represented 41% of all cybercrime demands, according to a report made in June by Cyber Claims Insurance.
In addition to financing a criminal company, the payment of ransomware to companies sanctioned by the federal government could bring a company to the notice of the US Treasury, which added various ransomware groups to its sanction list in October 2020.