The Belgian federal police has released free decryption keys for Cryakl ransomware following an international law enforcement operation.
On 9 February, the European Union Agency for Law Enforcement Cooperation (Europol) announced the release of the keys through No More Ransom. The move represents the culmination of an investigation that involved Belgian police, the Dutch National Police, and internet security companies. As the EU’s law enforcement agency explains in a press release:
When the Belgian Federal Computer Crime Unit (FCCU) discovered that Belgian citizens had been victims of the Cryakl ransomware, they were able to locate a command and control centre in one of Belgium’s neighbouring countries. Led by the federal prosecutor’s office, the Belgian authorities seized this and other servers while forensic analysis worked to retrieve the decryption keys. Kaspersky Lab provided technical expertise to the Belgian federal prosecutor and has now added these keys to the No More Ransom portal on behalf of the Belgian federal police. This will allow victims to regain access to their encrypted files without having to pay to the criminals.
These new decryption keys work against one of 84 threats “defeated” by No More Ransom, a joint initiative of internet security companies and law enforcement which helps victims of ransomware decrypt their encrypted files for free. Victims of Cryakl or any other variant supported by No More Ransom should make sure they read the how-to guide for a decryption solution before they install it. They should also make sure they use a reputable anti-virus program to remove the ransomware first. If they don’t, the threat will just re-encrypt their files.
The Belgian Federal Computer Crime Unit’s investigation into Cryakl is ongoing as of this writing.
In the meantime, it’s important that users take certain steps to protect themselves against ransomware, a threat which Europol said has taken cybercrime to “another level.” They can do so by backing up their data and keeping their systems up-to-date. For additional ransomware prevention tips, click here.