No More Ransom

Today marks the third anniversary of No More Ransom and through its partners from the public and private sectors, law enforcement, academia, and researchers, the project has been able to help hundreds of thousands, if not millions, of victims get their encrypted files back for free.

No More Ransomware was created in 2016 through an alliance between Europol’s European Cybercrime Centre, the National High Tech Crime Unit of the Netherlands’ police, and McAfee to battle ransomware and provide free decryption services and support to victims.

Today, No More Ransom consists of 151 partners, with BleepingComputer joining the project in 2018 so that we could offer our decryptors, information, and help to a wider range of victims.

Partner breakdowns
Partner breakdowns

$108 million saved, but we think it's much more

Over the past three years, No More Ransom has had 3 million visitors and now hosts an impressive array of 89 decryptors that can decrypt 109 different families or variants of ransomware.

Through the use of these decryptors, No More Ransom estimates that they have helped over 200k people and $108 million has been saved by users decrypting their files for free.

Ransomware decryptors by partner
Ransomware decryptors by partner

While 200k victims and $108 million is an impressive amount, BleepingComputer feels that the number is actually much higher.

Since May 2019, the decryptors at BleepingComputer, many of which have been created by Michael Gillespie, have been downloaded over 320,000 times. Our overall lifetime number is probably in the millions, though, as we have been hosting decryptors for years, but our direct download statistics only go as far back as May and do not include older and wide-spread ransomware such as TeslaCrypt.

As the decryptors we host do not include telemetry, it is not possible to say how many victims were able to recover their files by using them. It is fair to make the assumption that it is a lot from the thanks and comments we receive.

Some of the more popular decryptors downloaded from BleepingComputer are for the STOP Ransomware, TeslaCrypt, Jigsaw, and the generic HiddenTear decryptor that covers a wide range low quality ransomware.

Furthermore, the largest provider of decryptors, Emsisoft, does not include telemetry in most of their decryptors as well. Due to their lack of telemetry, Emsisoft believes that the total amount is far greater than $108 million.

"They’re based on the number of successful decryptions confirmed by telemetry, which none of our tools include. They’ve been downloaded more 1.6 million times, so it’d be more accurate to say they’ve helped folk avoid north of $800 million in ransom demands." Emsisoft told BleepingComputer in conversations.

Ultimately, it doesn't matter how much money is saved, but rather how many people get their files back for free. It is just as important for a parent to recover the pictures of their loved ones as it is to recover a corporate network.

Related Articles:

The Week in Ransomware - July 26th 2019 - State of Emergency

LooCipher Ransomware Decryptor Gets Your Files Back for Free

Monroe College Hit With Ransomware, $2 Million Demanded

The Week in Ransomware - June 21st 2019 - Backup, Backup, Backup!

Release of GandCrab 5.2 Decryptor Ends a Bad Ransomware Story