Menu
Files encrypted by CoinVault ransomware? New free tool may decrypt them

Files encrypted by CoinVault ransomware? New free tool may decrypt them

Dutch police obtained CoinVault decryption keys and shared them with the world

Victims of the CoinVault ransomware might be able to decrypt their files with a free tool released by Kaspersky Lab together with the Dutch police.

The tool can be found at https://noransom.kaspersky.com. The application uses decryption keys found by the Dutch police as part of an investigation.

Ransomware like CoinVault encrypts data on a disk or blocks access to a computer system. It is usually installed by exploiting a vulnerability on victims' computers via phishing emails or links to malicious websites.

Unlike other ransomware, CoinVault lets victims see a list of the files it encrypted and decrypt one for free to try to get people to pay up.

The National High Tech Crime Unit (NHTCU) of the Dutch police recently obtained a database from a CoinVault command-and-control server containing decryption keys, the Dutch police said in a news release. The information obtained from that database allowed Kaspersky to build a decryption tool.

The tool isn't 100 percent effective, but, as the investigation advances, the police hope to discover new keys and improve the tool's success rate, said Kaspersky researcher Jornt van der Wiel, who helped build the decryption tool.

The Dutch police has not made any arrests in connection with the ransomware but said it soon might because the perpetrator behind the CoinVault ransomware is suspected to be in the Netherlands.

Victims of ransomware are encouraged to report attacks to the police because reports by a company and an individual led to the discovery of the keys and to a possible lead on a suspect, the police said.

Loek is Amsterdam Correspondent and covers online privacy, intellectual property, online payment issues as well as EU technology policy and regulation for the IDG News Service. Follow him on Twitter at @loekessers or email tips and comments to loek_essers@idg.com


Follow Us

Join the newsletter!

Or
Error: Please check your email address.

Tags securitykaspersky lab

Featured

Slideshows

Bumper channel crowd kicks off first After Hours of 2018

Bumper channel crowd kicks off first After Hours of 2018

After Hours made a welcome return to the channel social calendar with a bumper crowd of partners, distributors and vendors descending on The Jefferson in Auckland to kick-start 2018. Photos by Gino Demeer.

Bumper channel crowd kicks off first After Hours of 2018
Looking back at the top 15 M&A deals in NZ during 2017

Looking back at the top 15 M&A deals in NZ during 2017

In 2017, merger and acquisitions fever reached new heights in New Zealand, with a host of big name deals dominating the headlines. Reseller News recaps the most important transactions of the Kiwi channel during the past 12 months.

Looking back at the top 15 M&A deals in NZ during 2017
Kiwi channel closes 2017 with After Hours

Kiwi channel closes 2017 with After Hours

The channel in New Zealand came together to celebrate the close of 2017, as the final After Hours played out in front of a bumper Auckland crowd.

Kiwi channel closes 2017 with After Hours
Show Comments