Victims of the CoinVault ransomware have another option when trying to retrieve information - and not paying a ransom to hackers. Cybersecurity company Kaspersky Lab has partnered with the National High Tech Crime Unit (NHTCU) of the Netherlands' police, providing decryption keys and a decryption application online.
Using information collected from a CoinVault command & control server, Kaspersky Lab, NHTCU and the Netherlands' National Prosecutors Office hope victims will be able to retrieve files without paying a ransom.
"If you get infected with the CoinVault ransomware, please check noransom.kaspersky.com," urged Jornt van der Wiel, security researcher for the global research and analysis team at Kaspersky Lab. "We have uploaded a huge number of keys onto the site. If we do not currently have records for a particular Bitcoin wallet, you can check again in the near future, because together with the National High Tech Crime Unit of the Netherlands' police we are continuously updating the information."
CoinVault has racked up more than 1,000 Windows-based PCs as victims, forcing them to pay a Bitcoin ransom, try to restore files from a backup, or start over completely.