Menu
Files encrypted by CoinVault ransomware? New free tool may decrypt them

Files encrypted by CoinVault ransomware? New free tool may decrypt them

Dutch police obtained CoinVault decryption keys and shared them with the world

Victims of the CoinVault ransomware might be able to decrypt their files with a free tool released by Kaspersky Lab together with the Dutch police.

The tool can be found at https://noransom.kaspersky.com. The application uses decryption keys found by the Dutch police as part of an investigation.

Ransomware like CoinVault encrypts data on a disk or blocks access to a computer system. It is usually installed by exploiting a vulnerability on victims' computers via phishing emails or links to malicious websites.

Unlike other ransomware, CoinVault lets victims see a list of the files it encrypted and decrypt one for free to try to get people to pay up.

The National High Tech Crime Unit (NHTCU) of the Dutch police recently obtained a database from a CoinVault command-and-control server containing decryption keys, the Dutch police said in a news release. The information obtained from that database allowed Kaspersky to build a decryption tool.

The tool isn't 100 percent effective, but, as the investigation advances, the police hope to discover new keys and improve the tool's success rate, said Kaspersky researcher Jornt van der Wiel, who helped build the decryption tool.

The Dutch police has not made any arrests in connection with the ransomware but said it soon might because the perpetrator behind the CoinVault ransomware is suspected to be in the Netherlands.

Victims of ransomware are encouraged to report attacks to the police because reports by a company and an individual led to the discovery of the keys and to a possible lead on a suspect, the police said.

Loek is Amsterdam Correspondent and covers online privacy, intellectual property, online payment issues as well as EU technology policy and regulation for the IDG News Service. Follow him on Twitter at @loekessers or email tips and comments to loek_essers@idg.com


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags securitykaspersky lab

Featured

Slideshows

A snapshot of the Kiwi partners set to shine at the Reseller News Awards

A snapshot of the Kiwi partners set to shine at the Reseller News Awards

With the 2017 Reseller News ICT Industry Awards only weeks away, Reseller News profiles the power line-up of partners set to dominate the biggest night on the channel calendar. ​Ranging from the enterprise, down through the mid-market and small business sectors into the heart of the start-up scene, the end result is the most diverse and wide-ranging partner line-up in the history of the Awards, playing host to the leading innovators of the past 12 months.​

A snapshot of the Kiwi partners set to shine at the Reseller News Awards
Channel celebrates as HP marks 50 years in NZ

Channel celebrates as HP marks 50 years in NZ

HP marked 50 years in New Zealand at an event in the vendor's Auckland's headquarters last night, with a host of key channel figures coming along to celebrate. Photos by HP.

Channel celebrates as HP marks 50 years in NZ
Show Comments