SHARE
CoinVault ransomware data held hostage

One way to keep your files safe is to use encryption, but sometimes this can be used against you.

One type of malware that is gaining steam is called ransomware. You normally encrypt data to keep people out but with ransomware, it’s a hacker that keeps you out of your data because it’s encrypted without your knowledge. It’s very hard to get rid of, but a new tool released on April 13 can help you.

A growing threat

Kaspersky Lab, which is a software security firm that has headquarters in Russia, released the “Ransomware Decryptor” which is intended to help people fight back against ransomware nicknamed “CoinVault.” This malicious software takes control of your data and demands that you make a payment to have your access restored.

The reach of CoinVault is quite limited as it’s only impacted 1000 or so Windows-based computers around the world. Its presence, however, does highlight a growing problem that consumers face on mobile devices and personal computers.

Why it’s so harmful

To understand how this ransomware works, imagine that you went to the gym and have the same items in the same locker with the same combination each time you went to the gym.

Imagine that one day you can’t get the combination open. A stranger approaches you and says that he put a different lock on the locker, but will open it up so you can have your belongings back if you pay him $500.

This is what is happening with your computer. The ransomware infiltrates your system through a bad link or some other method and then your files are locked and you cannot access them.

Fight back

The Ransomware Decryptor is a tool developed by Kaspersky when they were contacted by a unit of the Netherlands’ police called National High Tech Crime Unit and the Netherlands’ National Prosecutors Office. The Dutch police obtained a database from a CoinVault server, which allowed Kaspersky to create the anti-ransomware software. It provides the infected users with decryption keys that are able to release their data from the clutches of ransomware.

Kaspersky Lab ransomware decryptor site

Programs like Malwarebytes are able to detect ransomware, but the ability to decrypt the affected files has always been complicated. The product offered by Kaspersky is different as it offers a unique way to decrypt the files that are held hostage by the CoinVault ransomware.

If you get infected, Kaspersky can check to see if it’s able to unlock your files via the decryption website. You can download a free version of the software and follow our instructions to have the ransomware removed.

The scope of the problem

The problem with ransomware goes beyond CoinVault. U.S. police departments have actually paid ransoms to hackers because their computer systems were compromised. Earlier this month police departments of Tewksbury, Massachusetts, and Damariscotta, Main paid ransoms in bitcoin currency which is untraceable online. This was paid to hackers who used the ransomware to encrypt their files.

In February, the Chicago Tribune said that police in Midlothian, Illinois had to do the same. In 2013, a similar incident occurred in Swansea, Massachusetts. So what can be done about this?

There needs to be a proactive approach to this malware which will make the difference according to Santiago Pontiroli who is a security researcher at Kaspersky. This means that you need to back up your files as you don’t want to pay a ransom to have your files unlocked. If you have a backup, you won’t have to worry about ransomware because you’ll still have a copy that you can use even if you’re infected.

This isn’t a new advice because you don’t want to click on links from sources that you don’t trust or open attachments when you don’t know where it came from. Kaspersky says ransomware may come in emails that are said to be from the IRS. This is to lure people during tax season to try and get them with the ransomware. Don’t open or simply delete all messages that you deem to be suspicious.

You want to take heed because ransomware threats growing quickly. And it seems that this problem is here to stay. Be very careful to not become a victim of this latest form of malware.

LEAVE A REPLY