Home / Software & Gaming / Security / Lost files to ransomware? Kaspersky may be able to help

Lost files to ransomware? Kaspersky may be able to help

Ransomware, perhaps the most malicious malware ever released doesn't target your bank details, or your office network. No, ransomware targets your work documents themselves and your personal photos, anything on your system that could be valuable, and encrypts them. It then demands payment by a certain date, or those files will be lost forever. Irretrievable. You'd need a super computer to crack the code. Or, potentially, just ask for Kaspersky's help, as it's come up with a way to save affected files.

Working in conjunction with the National High Tech Crime Unit (NHTCU) of the Netherlands' police, the Russian digital security firm has released a number of decryption keys linked with the CoinVault ransomware, potentially allowing those hit with the nefarious software to retrieve their most precious files and documents.

This is about the worst screen you can ever see on your PC

This was possible thanks to the Dutch police raiding a server believed to contain CoinVault data, where it found bitcoin wallets containing ransom money, but most importantly, several keys that could be used to decrypt obfuscated files. With those keys, Kaspersky was able to create a tool which automatically attempts to decrypt data utilising the CoinVault keys. It's no guarantee that it will work, but this is the first glimmer of hope that ransomware affected files may not be permanently lost to nonsense.

If you or someone you know has been affected by CoinVault, you can find more about the reverse engineering of the malware at Kaspersky's blog and can download the tool to decrypt your files here.

KitGuru Says: If any of you have been affected by CoinVault, you have our sympathies. It's a rotten piece of malware. Good luck in fixing it with the tool.

Become a Patron!

Check Also

Sony investigating claims of major security breach

This week, a ransomware group claimed to have breached "all of Sony's systems", putting the stolen data up for sale on the dark web. Sony has yet to confirm that an attack has taken place but the company is now investigating.