Ransomware victims can use free decryptors to avoid paying ransoms in order to recover their encrypted data

Jul 28, 2021 16:20 GMT  ·  By

According to a Europol statement released Monday, a service called No More Ransom Repository has assisted in the recovery of valuable information stolen by hackers from more than 6 million victims and has saved approximately €1B from cybercriminal hands. 

No More Ransom is associated with a collaborative initiative that began five years ago and includes members such as the European Cybercrime Centre, Kaspersky, McAfee, Barracuda, Amazon Web Services, and others. The purpose is to prevent victims from transferring money to ransomware operators in order to fund their activities.

Ransomware victims are encouraged to reject the demand for payment. Moreover, the project members explain that by paying ransom to cybercriminals, you are only confirming that the ransomware is working, and there is no guarantee that you will receive the required decryption key in return.

Free decryption options are available to help ransomware victims 

The group chooses a problem-solving approach by directing ransomware victims to the Crypto Sheriff Tool on their website. There, victims can enter the bitcoin address provided by the cybercriminals to pay the ransom, and onion address, or a URL.

The application checks the No More Ransom database, where they can choose from a number of 121 tools designed for decrypting 152 ransomware families. Even better, the services are offered for free, and the content is available in 37 languages. If a victim cannot find a decryption tool, it is recommended to check back because the repository is constantly updated with new additions.

Why you should not pay the ransom demanded by cybercriminals 

According to research conducted by Cybereason in June, victims who pay quickly identify themselves as easy targets. In fact, a follow-up attack targeted 80% of the total number of companies that paid the ransom. Even though half of them were assaulted by the same gang for the second time, one-third of them drew additional threats, that resulted in an easy payout. In addition to financing a criminal activity, the payment of ransomware might be a violation under the U.S. Department of Treasury.

According to Europol, frequent backups are still the most effective method of preventing a ransomware infection. The agency advised users to pay close attention to the links they click and to keep their software up to date on a regular basis. Europol also strongly advises ransomware victims not to pay the ransom. The first step to take in this situation is to report the crime and then search for decryption tools in the No More Ransom repository.