Ransomware Decryption Framework – Now Available
This blog details the availability of the McAfee Ransomware Recover (Mr 2). We would like to credit Kunal Mehta and Charles McFarland in the work required to develop this framework.
How do I get my files back? This is probably the first question asked when ransomware strikes. Of course, the answer will depend on whether there is a backup available. Or if a decryption tool exists on the www.nomoreransom.org website.
Developing these tools invariably involve significant effort to identify the decryption keys, but also create a tool that can be tested, hosted and then made freely available to help victims of ransomware. Today however we are pleased to announce the availability of McAfee Ransomware Recover (Mr 2), this framework will allow for the rapid incorporation of decryption keys and custom decryption logic (when they become available) and get help to victims of ransomware a lot quicker.
Now, whilst the availability of a framework is important its probably not something you would say deserves the fanfare of the communications we have produced. However, the key difference here is that this framework is free to use for the security community. So if security researchers have identified decryption keys and custom decryption logic for a ransomware variant, and do not want to spend the time to produce their own tool then McAfee Ransomware Recover (Mr 2) is available to freely use.
Over the course of the next few weeks we will produce more guidance on the tool, including webcasts by the development team. Also, we will remain committed to working with our public and private sector partners to get our hands on as many decryption keys as possible.
Follow us on Twitter for all updates from #MPOWER17 at @McAfee.
More antivirus and malware news?
- 63% of sites surveyed didn’t even know they’d been hacked
- Google Glass: the ultimate creepy stalker toy?
- United to award miles to security researchers who discover bugs – Wi-Fi, entertainment systems and avionics are off-limits
- Why are ISPs afraid of net neutrality?
- How a Misconfigured AWS Server Exposed Verizon Customers’ Data
- Hyatt Hotels Hit by Another Card Breach
- OpenSSL update fixes Drown vulnerability
- Taiwan Bank Heist Linked to North Korean Hackers
- Microsoft Windows ‘HTTP.sys’ CVE-2016-0150 Denial of Service Vulnerability
- Esthost/Rove Digital Mastermind Pleads Guilty, Faces Six-Year Sentence