No More Ransom

The No More Ransom project celebrates its sixth anniversary today after helping millions of ransomware victims recover their files for free.

Launched in July 2016, No More Ransom is an online portal and a public-private partnership created by law enforcement (Europol and the Dutch National Police) and IT security companies (Kaspersky and McAffee).

Today, the No More Ransom project includes 188 partners worldwide, including BleepingComputer, who joined the project in 2018.

While initially, it provided only four ransomware decryptors, it has now grown to host over 100 free decryption tools for dozens of ransomware families.

"Six years later, No More Ransom offers 136 free tools for 165 ransomware variants, including Gandcrab, REvil/Sodinokibi, Maze/Egregor/Sekhmet and more," Europol said Tuesday.

During the six years since its launch, the initiative has provided more than 10 million people with free decryptors to recover their files without paying cybercriminals.

As Europol revealed last year, when No More Ransom celebrated its fifth anniversary, "this prevented criminals from earning almost a billion euros through ransomware attacks."

No More Ransom
Image: Europol

How does it work?

No More Ransom's goal is to help ransomware victims recover their encrypted files, raise awareness of the threat of ransomware attacks, and provide victims with easy-to-follow links to report attacks.

No More Ransom's Crypto Sheriff tool will help you find a free decryptor by uploading two encrypted files and the ransomware note, which will try to match them against a list of available tools.

If it finds a match, it shares a suitable ransomware decryptor for your encrypted files, with detailed instructions on unlocking them.

If no decryptor is found, you'll be advised to check again for a match in the future because new unlock tools are added regularly.

Europol also provides a video on how to use the Crypto Sheriff tool to recover your files without paying a ransom.

Ransomware victims are advised never to pay ransoms because that inadvertently finances future attacks but, instead, take measures to prevent and lessen the attacks' impact:

  • Regularly back up data stored on your electronic devices.
  • Watch your clicks – do you know where a link will take you?
  • Do not open attachments in e-mails from unknown senders, even if they look important and credible.
  • Ensure that your security software and operating system are up to date.
  • Use two-factor authentication (2FA) to protect your user accounts.
  • Limit the possibility of exfiltrating large amounts of corporate data to external file exchange portals.
  • If you become a victim, do not pay! Report the crime and check No More Ransom for decryption tools. 

Related Articles:

New ShrinkLocker ransomware decryptor recovers BitLocker password

Attacks on Citrix NetScaler systems linked to ransomware actor

New Ymir ransomware partners with RustyStealer in attacks

Halliburton reports $35 million loss after ransomware attack

Critical Veeam RCE bug now used in Frag ransomware attacks