14 DAY TRIAL // A security enthusiast compiled instructions and decryption tools in a rescue kit intended to help IT professionals and system administrators deal with ransomware threats.
Whether it locks access to the web browser or encrypts files stored on the computer, ransomware is one of the most prevalent threats users have to deal with today.
Ransomware Rescue Kit includes free decryption tools
The kit, almost 320MB in size, created by Jada Cyrus includes guides for getting rid of TeslaCrypt, CryptoLocker and CoinVault crypto-malware pieces, as well as police ransomware that tricks victims into paying up by plastering a message allegedly from law enforcement (FBI in most cases) saying that illegal content has been accessed and they have been fined as a consequence.
For variants of the aforementioned crypto-malware, Cyrus also makes available decryption tools (from FireEye, Kaspersky and Cisco) that could unlock the data without purchasing the decryption key from the cybercriminals.
If hit with ransomware, Cyrus recommends isolating the computer from the network and identifying the malware type. “If possible, use restore points or backups to return to a safe state after removing the threat,” he says.
It is important to note that the decryption tools may not work for all variants of CryptoLocker, CoinVault and TeslaCrypt.
Ransomware is more than a nuisance
Despite efforts from the security industry to stifle this menace, cybercriminals, particularly those operating ransomware with file encryption capabilities, continue to make millions of dollars from victims.
Security experts advise against paying the ransom fee in order to discourage cybercriminals from resorting to this tactic, but the recommendation is hard to follow when access to important data is needed.
Moreover, there are plenty of instances where police departments fell victim to ransomware with file encryption capabilities and gave in to the cybercriminals’ demands.
An efficient method to protect against crypto-malware is to create backups for the important data and store them on an isolated storage device. If the computer is infected, users can restore the locked information.
In the case of ransomware that simply prevents access to the web browser, recovery is easier because no data damage is involved and removing the threat solves the problem.
“You should never pay the ransom. This will only reinforce this type of attack. According to most security intelligence reports, criminal enterprises are already making large profits from ransomware,” Cyrus says.