The No More
Ransom decryption tool repository has so far registered over 4.2 million
visitors from 188 countries. The repository has helped save an estimated $632
million for ransomware victims worldwide, with 12% saved by Bitdefender’s
GandCrab decryptors alone.
No More
Ransom, powered by the contributions of 163 partners fighting cybercrime
globally, turns four years old this month. The first public-private partnership
of its kind, NMR helps ransomware victims recover encrypted data without having
to pay their aggressors.
Users simply
visit nomoreransom.org and follow the Crypto Sheriff steps to help identify the
ransomware strain affecting their data. If a decryptor is available, a download
link will be provided.
Celebrating its achievements, the European Union Agency for Law Enforcement Cooperation (Europol) this week published a press release announcing that the repository “has registered since its launch over 4.2 million visitors from 188 countries and has stopped an estimated $ 632 million in ransom demands from ending up in criminals’ pockets.”
“Powered by
the contributions of its 163 partners, the portal has added 28 tools in the
past year and can now decrypt 140 different types of ransomware infections. The
portal is available in 36 languages,” Europol said.
Cybersecurity
vendors were the most prolific contributors, accounting for 37% of
contributions, but 28% of the decryption tools came from law enforcement, 11%
from CERTs, 7% from players in the financial services industry, 6% from non-profits
and 3% from consulting. Even telcos and academia contributed, each with a small
but still important 2% share.
For its
part, Bitdefender has so far provided seven free decryption tools for nine ransomware
families. Bitdefender’s GandCrab decryptors alone have helped save victims more
than $76 million to date – or 12% of the total $632 million in ransom demands prevented
by No More Ransom from ending up in criminals’ pockets in the past four years.
A handy infographic accompanying the press release shows the breakdown by partners, tools, languages and countries, as well as the partner annual growth, total downloads and ransomware families covered.
Acknowledging
that many types of ransomware are still out there without a public decryptor,
Europol describes some steps to take to protect yourself from ransomware,
including keeping regular backups (preferably offline) and using reliable
antivirus software.
“Do not
download programs from suspicious sources. Do not open attachments in e-mails
from unknown senders, even if they look important and credible,” Europol adds.
As always,
the agency urges ransomware victims to refrain from paying ransom. The FBI has
historically also issued the same recommendations to entities falling prey to
ransomware operators, though for some victims – like healthcare providers – denying
attackers their demands just might have a life-threatening impact.