Kaspersky Lab researchers have uncovered a sophisticated threat used for cyber-espionage in the Middle East and Africa from at least 2012 until February 2018.
The platform www.nomoreransom.org is now available in 14 languages and contains 40 free decryption tools. Since our last report in December, more than 10 000 victims from all over the world have been able to decrypt their affected devices thanks to the tools made available free of charge on the platform.
No More Ransom was launched in July 2016 by the Dutch National Police, Europol, Intel Security and Kaspersky Lab, introducing a new level of cooperation between law enforcement and the private sector to fight ransomware together. Since the launch, dozens of partners from all continents have joined. This shows that ransomware is a worldwide problem that needs to be, and will be, fought together. Statistics show that most visitors to the platform come from Russia, the Netherlands, the United States, Italy and Germany.
Previously available in English, Dutch, French, Italian, Portuguese and Russian, the website has now been translated to Finnish, German, Hebrew, Japanese, Korean, Slovenian, Spanish and Ukrainian. More languages are expected to be made available soon in order to better assist victims across the globe.
New private and public partners
AVAST, CERT Polska and Eleven Paths – Telefonica’s Cyber Security Unit, are joining No More Ransom as associate partners, bringing the number of associates to 7. With 30 new supporting partners also joining the program, the overall total is now 76. New to join from the law enforcement side are Australia, Belgium, INTERPOL, Israel, South Korea, Russia and Ukraine; others are Acronis International GmbH, Crowdstrike, Cyber Security Canada, DataGravity, Deloitte, eco – Association of the Internet Industry (eco e.V.), ENISA, the Global Cyber Alliance (GCA), the Japan Cyber Control Centre (JC3), KUERT Datenrettung Deutschland GmbH, KÜRT Data Recovery and Information Security Co., mnemonic AS, Neutrino S.r.l., Portugal Telecom, Secura Group Limited, SentinelOne and Verizon Enterprise Solutions. There is also a strong support from the CERT community, represented by AfricaCERT, BA-CSIRT (CSIRT of Buenos Aires City Government), Centro Nacional de Cibersegurança, Certego Incident Response Team, Cybersecurity Malaysia and the Japan Computer Emergency Response Team Coordination Center (JPCERTCC).
The arrival of INTERPOL follows on from the INTERPOL-Europol Cybercrime Conference 2016, highlighting the impact of this practical, user-focused and driven annual joint event.
Since the last release, 15 tools have been added to the platform, offering new decryption possibilities to the victims of ransomware:
AVAST: Alcatraz Decryptor, Bart Decryptor, Crypt888 Decryptor, HiddenTear Decryptor, Noobcrypt Decryptor and Cryptomix Decryptor
Bitdefender: Bart Decryptor
CERT Polska: Cryptomix/Cryptoshield decryptor
Check Point: Merry X-Mas Decryptor and BarRax Decryptor
Eleven Paths – Telefonica Cyber Security Unit: Popcorn Decryptor
Emsisoft: Crypton Decryptor and Damage Decryptor
Kaspersky Lab: Updates on Rakhni and Rannoh Decryptors
More information and prevention tips are available on www.nomoreransom.org.
Articles related to Virus News
Sofacy shifts focus to include Far East defense and diplomacy, overlaps with advanced cyberespionage groups
Kaspersky Lab researchers have observed that the Russian-speaking threat actor Sofacy, also known as APT28 or Fancy Bear is shifting its targeting to the Far East.
Learn more >
Kaspersky Lab researchers have revealed that the group behind the Prilex point-of-sale malware can now turn stolen credit card data into functional plastic cards.
Learn more >