Identifying 52 shades of ransomware

There is no simple or universal answer to a ransomware attack (apart from taking all possible precautions in advance, and there are no guarantees even then). However, the site ID Ransomware does seem to offer a way for victims to (maybe) identify the ransomware that has attacked their system. (I haven’t tested it myself.)

As I understand it, the site works like this:

  • It allows a victim to upload a file displaying ransom/payment information or one of the encrypted files, and attempts to use the uploaded file to identify the malware that implemented the attack. It currently claims to detect 52 varieties of ransomware.
  • If there is a known way of decrypting the encrypted files without paying the ransom, it directs the victim towards it.

The site doesn’t offer to decrypt files directly itself, and doesn’t want samples of the actual malware.

Hat tip to  of Help Net Security, where I first saw the site announced.

David Harley

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.