Ransomware attackers are no longer having it all their own way, due to a backlash from the cyber security industry. A good example of a successful counterstrike is the speed with which a recent Telegram app ransomware was dismantled. In many cases, white hats are able to exploit basic flaws in the malware’s encryption implementation to decrypt the attackers’ ransom systems. Counter attacks of this kind are becoming more frequent in part due to the No More Ransom project – a coalition between Kaspersky Lab, Intel Security, the National High Tech Crime Unit of the Netherlands’ police, and Europol’s European Cybercrime Centre.
This effective combination of security researchers and law enforcement agencies is helping victims to recover data being held hostage without having to pay ransom demands. The project’s website offers tips to prevent ransomware attacks as well as free tools to decrypt files affected by ransomware, and has been a big success to date.