Kaspersky (Photo : Reuters )
Kaspersky Lab, a Russian-based security company, recently released a new tool in order to recover files held hostage by ransomeware CoinVault, according Sci-Tech Today.
CointVault is considered as one of the most destructive form of ransomware that has affected more than 1,000 computers in at least 20 countries around the world. Ransomware is a form of computer malware that automatically encrypt files and force the user to pay a ransom, in form of untraceable Bitcoin wallet, in order to recover the data. In some cases, files are completely deleted if no ransom fee was paid.
Through the joint effort of Kaspersky Lab and National High Tech Crime Unit(NHTCU) of Netherlands, they were able to create a decryption tool. The tool is now available for free download on the Kaspersky website. Aside from providing decryption keys, the tool can also wipe a computer clean of the malware.
Kaspersky Lab security researcher Jornt van der Wiel said, "We have uploaded a huge number of keys onto the site. If we do not currently have records for a particular Bitcoin wallet, you can check again in the near future, because together with the National High Tech Crime Unit of the Netherlands' police we are continuously updating the information."
Kaspersky has been developing the decryption tool since November 2014. The security company was able to finalize the tool when they, along with NHTCU, manage to seize one of CoinVault's command-and-control server. From the recovered servers, the group was able to get ahold of large quantity of decryption keys and this were used in the creation of the decryption tool, according to ExtremeTech.
