Ransomware Decryption Framework – Now Available
This blog details the availability of the McAfee Ransomware Recover (Mr 2). We would like to credit Kunal Mehta and Charles McFarland in the work required to develop this framework.
How do I get my files back? This is probably the first question asked when ransomware strikes. Of course, the answer will depend on whether there is a backup available. Or if a decryption tool exists on the www.nomoreransom.org website.
Developing these tools invariably involve significant effort to identify the decryption keys, but also create a tool that can be tested, hosted and then made freely available to help victims of ransomware. Today however we are pleased to announce the availability of McAfee Ransomware Recover (Mr 2), this framework will allow for the rapid incorporation of decryption keys and custom decryption logic (when they become available) and get help to victims of ransomware a lot quicker.
Now, whilst the availability of a framework is important its probably not something you would say deserves the fanfare of the communications we have produced. However, the key difference here is that this framework is free to use for the security community. So if security researchers have identified decryption keys and custom decryption logic for a ransomware variant, and do not want to spend the time to produce their own tool then McAfee Ransomware Recover (Mr 2) is available to freely use.
Over the course of the next few weeks we will produce more guidance on the tool, including webcasts by the development team. Also, we will remain committed to working with our public and private sector partners to get our hands on as many decryption keys as possible.
Follow us on Twitter for all updates from #MPOWER17 at @McAfee.
More antivirus and malware news?
- Broadband access creeps along but DDoS attacks explode
- CloudFlare Launches Security-Focused Domain Registrar
- IDG Contributor Network: Message in a PCI bottle – preserving message queue integrity
- Lazarus Targets South Korea with Malicious Docs
- Forecast 2013: Setting a mobile risk management strategy
- explorer.pass.psu.edu upgrade
- FBI will help US agencies with tools to unlock encrypted devices
- Mimecast Acquires Cloud Migration Firm Simply Migrate
- Mocana Launches Industrial IoT Security Platform
- What is Encryption?