A year ago, Europol, the Dutch National Police, Kaspersky Lab and Intel Security, launched a project named NoMoreRansom, and they have just published its latest progress report.
What NoMoreRansom does, is gathering all the available ransomware decryption tools into a single portal which the victims can use to decrypt their files without paying any ransom to the hackers.
The latest Europol update from December 2016, added 15 new tools to the decryption library of NoMoreRansom. In this way, the project partners’ catalogue has increased by 30 to 76 public and private members, including the law enforcement agencies of Russia, Ukraine, Australia, Izrael, Belgium, South Korea, and even Interpol. Among the new private members are Verizon Enterprise Solutions and SentinelOne.
Europol reported that since December 2016, 10,000 ransomware victims worldwide have regained their files via NoMoreRansom. According to the statistics, most visitors to the platform come from Russia, the Netherlands, the United States, Italy and Germany.
Among the new decryptors is the one provided by Bitdefender, which rescues files from the Bart ransomware family.
“The tool,” claims Bitdefender, “is a direct result of successful collaboration between Bitdefender, Europol, and Romanian police, supporting the ‘No More Ransom’ initiative kick started by Europol’s European Cybercrime Centre.”
The creators of Bart are the same who have developed Locky and Dridex ransomware families. However, Bart differs from the other viruses as it does not need an internet connection to encrypt the user’s files, although one is required to receive the decryption key from the attacker’s C&C server.
Users should know that this ransomware doesn’t work in case the language of the PC is detected as Russian, Belorussian, or Ukrainian – “most probably,” suggests Bitdefender, “because it was written by a Russian speaking hacker.”
Meanwhile, the ransomware losses keep increasing, rising by 300% from 2015 to 2016 to an estimated total of $1 billion. Unfortunately, the estimates for this year show that the malware threat continues to increase.