Ransomware Decryption Framework – Now Available

This blog details the availability of the McAfee Ransomware Recover (Mr 2).  We would like to credit Kunal Mehta and Charles McFarland in the work required to develop this framework.

How do I get my files back?  This is probably the first question asked when ransomware strikes. Of course, the answer will depend on whether there is a backup available. Or if a decryption tool exists on the www.nomoreransom.org website.

Developing these tools invariably involve significant effort to identify the decryption keys, but also create a tool that can be tested, hosted and then made freely available to help victims of ransomware. Today however we are pleased to announce the availability of McAfee Ransomware Recover (Mr 2), this framework will allow for the rapid incorporation of decryption keys and custom decryption logic (when they become available) and get help to victims of ransomware a lot quicker.

Now, whilst the availability of a framework is important its probably not something you would say deserves the fanfare of the communications we have produced. However, the key difference here is that this framework is free to use for the security community. So if security researchers have identified decryption keys and custom decryption logic for a ransomware variant, and do not want to spend the time to produce their own tool then McAfee Ransomware Recover (Mr 2) is available to freely use.

Over the course of the next few weeks we will produce more guidance on the tool, including webcasts by the development team. Also, we will remain committed to working with our public and private sector partners to get our hands on as many decryption keys as possible.

Follow us on Twitter for all updates from #MPOWER17 at @McAfee.

The post Ransomware Decryption Framework – Now Available appeared first on McAfee Blogs.

Read more: Ransomware Decryption Framework – Now Available

Story added 19. October 2017, content source with full text you can find at link above.


Comments are closed.