Ransomware Decryption Framework – Now Available
This blog details the availability of the McAfee Ransomware Recover (Mr 2). We would like to credit Kunal Mehta and Charles McFarland in the work required to develop this framework.
How do I get my files back? This is probably the first question asked when ransomware strikes. Of course, the answer will depend on whether there is a backup available. Or if a decryption tool exists on the www.nomoreransom.org website.
Developing these tools invariably involve significant effort to identify the decryption keys, but also create a tool that can be tested, hosted and then made freely available to help victims of ransomware. Today however we are pleased to announce the availability of McAfee Ransomware Recover (Mr 2), this framework will allow for the rapid incorporation of decryption keys and custom decryption logic (when they become available) and get help to victims of ransomware a lot quicker.
Now, whilst the availability of a framework is important its probably not something you would say deserves the fanfare of the communications we have produced. However, the key difference here is that this framework is free to use for the security community. So if security researchers have identified decryption keys and custom decryption logic for a ransomware variant, and do not want to spend the time to produce their own tool then McAfee Ransomware Recover (Mr 2) is available to freely use.
Over the course of the next few weeks we will produce more guidance on the tool, including webcasts by the development team. Also, we will remain committed to working with our public and private sector partners to get our hands on as many decryption keys as possible.
Follow us on Twitter for all updates from #MPOWER17 at @McAfee.
More antivirus and malware news?
- German Nuke Plant Hit by Disruptive Cyber Attack: Report
- ‘Destover’ Malware Now Digitally Signed by Sony Certificates
- Linux Foundation pours millions into critical internet infrastructure
- SSCC 91 – Utah explains data breach, Facebook hacker jailed, FlashBack removal for Leopard, Pentagon expands data sharing
- Internet Border Router Testing and Troubleshooting
- "Safety issues" prompt trade-in program for off-brand iPhone adapters
- On Using Fake Data to Generate Alerts
- Microsoft CEO Nadella’s top challenge: Figuring out mobile
- Intel to acquire network security firm Sensory Networks
- Mozilla releases Firefox 16.0.1 to address four vulnerabilities