The Netherland’s National High Tech Crime Unit (NHTCU) and Netherlands’ National Prosecutors Office recently discovered a large database of decryption keys from CoinVault command and control server (containing IVs, Keys and private Bitcoin wallets). The NHTCU shared this information with Kaspersky Lab which used it to develop Noransomware decryption application.
Ransomware like CoinVault encrypts data on a disk or blocks access to computer system. Ransomware usually installed by exploiting vulnerability on victims’ computers via phishing emails or links to malicious websites. CoinVault lets victims see a list of the files it encrypted and decrypt one for free to try to get people to pay up.
Noransomware decryption application isn’t 100 percent effective, but, as the investigation advances, the police hope to discover new decryption keys and improve the success rate of Noransomware decryption application, said Kaspersky researcher Jornt van der Wiel, who helped build the decryption tool.
Noransomware Decryption Application at https://noransom.kaspersky.com
Source: Challenging CoinVault – it’s time to free those files
Alex Lim
Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook
