The No More Ransom decryption tool repository has so far registered over 4.2 million visitors from 188 countries. The repository has helped save an estimated $632 million for ransomware victims worldwide, with 12% saved by Bitdefender's GandCrab decryptors alone.
No More Ransom, powered by the contributions of 163 partners fighting cybercrime globally, turns four years old this month. The first public-private partnership of its kind, NMR helps ransomware victims recover encrypted data without having to pay their aggressors.
Users simply visit nomoreransom.org and follow the Crypto Sheriff steps to help identify the ransomware strain affecting their data. If a decryptor is available, a download link will be provided.
Celebrating its achievements, the European Union Agency for Law Enforcement Cooperation (Europol) this week published a press release announcing that the repository “has registered since its launch over 4.2 million visitors from 188 countries and has stopped an estimated $ 632 million in ransom demands from ending up in criminals” pockets.”
“Powered by the contributions of its 163 partners, the portal has added 28 tools in the past year and can now decrypt 140 different types of ransomware infections. The portal is available in 36 languages,” Europol said.
Cybersecurity vendors were the most prolific contributors, accounting for 37% of contributions, but 28% of the decryption tools came from law enforcement, 11% from CERTs, 7% from players in the financial services industry, 6% from non-profits and 3% from consulting. Even telcos and academia contributed, each with a small but still important 2% share.
For its part, Bitdefender has so far provided seven free decryption tools for nine ransomware families. Bitdefender”s GandCrab decryptors alone have helped save victims more than $76 million to date - or 12% of the total $632 million in ransom demands prevented by No More Ransom from ending up in criminals” pockets in the past four years.
A handy infographic accompanying the press release shows the breakdown by partners, tools, languages and countries, as well as the partner annual growth, total downloads and ransomware families covered.
Acknowledging that many types of ransomware are still out there without a public decryptor, Europol describes some steps to take to protect yourself from ransomware, including keeping regular backups (preferably offline) and using reliable antivirus software.
“Do not download programs from suspicious sources. Do not open attachments in e-mails from unknown senders, even if they look important and credible,” Europol adds.
As always, the agency urges ransomware victims to refrain from paying ransom. The FBI has historically also issued the same recommendations to entities falling prey to ransomware operators, though for some victims - like healthcare providers - denying attackers their demands just might have a life-threatening impact.