‘Wildfire’ Ransomware Defeated by International Security Team

Trusted Editorial content, reviewed by leading industry experts and seasoned editors. Ad Disclosure

Wildfire, a type of ransomware targeted at Dutch speakers, has been successfully defeated by the No More Ransom initiative, a project coordinated by the Netherlands Police, Europol, Intel and Kaspersky. This multinational collaboration aims to help victims of ransomware retrieve their encrypted files for free through the use of multiple decryption tools.

Also read: Ransomware as a Service is Bringing In Some Serious Money

‘Wildfire’ Ransomware

Wildfire is a piece of ransomware, a type of malware that takes users’ files hostage and prevents them from being accessed. To save their files, victims must  pay attackers, usually via bitcoin or gift cards. This type of malware has been a major headache for many organizations and companies, since all it takes for important, possibly confidential documents to be lost is a couple of clicks from an unsuspecting employee.

Wildfire is special because it originates from spam emails written in Dutch, mostly targeting people living in the Netherlands and Belgium. The spam email poses as a message from a Dutch transport company, stating that the victim has missed a delivery.

Researchers state that the hackers behind Wildfire “clearly put a lot of effort into making their spam emails look credible and very specific,” with the email containing real addresses and contact information to make the message more believable in an effort to get potential victims to download the malware contained in the email attachment.

No More Ransom Project

The No More Ransom Project is a collaborative effort between the National High Tech Crime Unit of the Netherlands’ Police, Europol’s European Cybercrime Centre, Kaspersky Lab and Intel Security. Their primary objective is to prevent ransomware from infecting victims, and if that happens, to provide a free method for recovering users’ files. Their team has provided decryption tools for seven strains to date: Chimera, Teslacrypt, Shade, CoinVault, Rannoh, Rakhni and now WildFire. Alongside decryption software, a file analyzer is also available to help users determine what exact malware is infecting their system.

What do you think about ransomware? Do you support the No More Ransom Initiative? Tell us what you think in the comments below!

Source: ZDNet

Images courtesy of NICVA, ZDNet.

Editorial Process for bitcoinist is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.