“You’ve been hit by ransomware and you don’t know what to do?
Jada Cyrus has assembled a helpful “Ransomware Removal Kit” which contains decryption tools for CryptoLocker, CoinVault, TeslaCrypt and FBIRansomWare, along with instructions on how to use them.
“You should never pay the ransom. This will only reinforce this type of attack,” Cyrus is adamant, and says the kit’s intended to be used for security professionals and system administrators alike, so that they can streamline the process of responding to ransomware infections.
Generally, before attempting to remove ransomware from impacted computers, they should be first removed from the network on which they are on, says Cyrus. Identifying the type of ransomware is crucial for any decrypting attempt – decryption tools are only currently available for the aforementioned ransomware types.
And not all are guaranteed to do the work thoroughly or to work in all cases.
CoinVault victims will be able to decrypt their files if they find the right key in the repository of decryption keys provided by Kaspersky Lab and the National High Tech Crime Unit (NHTCU) of the Netherlands police.
TeslaCrypt victims will be able to do the same only if the master key can be recovered from the key.dat file some versions of the malware put on the target machine.