
Kaspersky, police fighting ransomware with freely downloadable tool

No good can come out of your computer being infected by malware, but there are varying levels of bad. Having your data held hostage by an anonymous hacker unless you pay an exorbitant fee? That scores pretty high on the bad scale.

The term for this type of malware is ransomware, and currently CoinVault is the most notorious example. Usually installed by way of a compromised website or a phishing email, CoinVault goes a step further than other ransomware and actually shows its victims a list of files and even decrypts one for free, like sending out a hostage in a standoff.

It may sound like the only hope is to pay up and hope you get your files back, but Kaspersky Lab and the National High Tech Crime Unit (NHTCU) of the Dutch police are fighting back. The NHTCU recently acquired a database of CoinVault keys, and Kaspersky has used this database to build a tool to generate CoinVault decryption keys, according to PCWorld.

The tool, simply called “Ransomware Decryptor,” is freely downloadable from Kaspersky. While it isn’t 100 percent effective, police are hoping to obtain new keys as the investigation into CoinVault continues. It is hoped that this will help to improve the software, said Kaspersky researcher Jornt van der Wiel.

CoinVault has been infecting Windows computers since November of last year, and while the investigation into those behind it is advancing, computer users are still regularly having their data held hostage by the malware. Police are encouraging those hit by ransomware to contact them, as individual reports have led to the discovery of keys, and even to a lead on a suspect.

If you have friends or relatives who don’t know the dangers of clicking links in strange emails (and don’t we all?), it’s probably worth downloading the tool from Kaspersky and keeping it on hand, just in case.

Kris Wouk
Former Digital Trends Contributor