Kaspersky, Intel and Law Enforcement Launch No More Ransom Effort
NoMoreRansom.org provides decryption keys for Shade ransomware, with a plan to help end the scourge of ransomware.Ransomware is a growing epidemic that is impacting users around the world, but an effort launched July 25 at NoMoreRansom.org is taking a definitive step to help reverse the trend. The No More Ransom effort is a partnership between Kaspersky Lab, Intel Security, Europol's European Cybercrime Centre, the Dutch High‐Tech Crime Unit and Amazon Web Services. "We realized that the police cannot fight against cyber-crime, and ransomware in particular, alone, and security researchers cannot fight it without support from law enforcement agencies," Jornt van der Wiel, security researcher with the Global Research and Analysis Team at Kaspersky Lab, told eWEEK. "To be the most effective, law enforcement agencies and IT security companies have to work together around the globe." One of No More Ransom's key assets is decryption keys for the Shade ransomware family. Shade is a popular ransomware Trojan that first emerged in 2014. Since then, Intel Security and Kaspersky have been able to block approximately 27,000 attempts to attack users with Shade. It's not clear how many users were infected with Shade, but thanks to the actions of law enforcement, victims now have an easy way to recover their data. "Our law enforcement partners were able to seize components related to the [Shade] back end, and this allowed the extraction of decryption keys to be incorporated into a tool," Raj Samani, vice president and CTO at Intel Security, told eWEEK.
No More Ransom's Shade decryption tool has 160,000 keys that can help victims decrypt their data. Using the tool, users will need to run two commands via the command line, according to Samani. The first command requires a victim's "user ID" found in the ransom note created at the time of infection.