Ransomware Removal Tools Not Needed? Kaspersky Labs Finds Ways Around Paying Attackers

Ransomware removal tools useful for removing TorLocker

Ransomware removal tools might not be necessary if your computer has become infected with the new type of virus. Ransomware is a kind of code that searches your system and encrypts vital information. The only sure way to access the information is to pay the creator of the virus for a key to unlock your data.

Various police departments have been paying them to release files, as previously reported by the Inquisitr. A suburban Chicago community has fallen victim to the demands and paid over $500 for access to their own files.

A blogger at Securelist has discovered a way around the payment by examining the code used in the Ransomware known as TorLocker. Initially used on Japanese users, the virus was discovered on October 24, 2014. This isn’t the earliest form, but it certainly created headaches for businesses and private PC users who suddenly couldn’t even access their own content.

You know your system has been compromised if you see the following image as your wallpaper (edited for your own safety).

Ransomware TorLocker wallpaper installs after infection

There are indeed ransomware removal tools available, or you might even stick with the classic method of paying the hackers for the key. Victor Alyushin and Fedor Sinitsyn discovered code in the virus that can be manipulated without spending a dime, though.

The security company (Kaspersky Labs) acquired two samples of TorLocker, otherwise known to hackers as “Trojan-Ransom.Win32.Scraper,” just for this examination.

The result of their work can be found by clicking here and downloading their ScraperDecryptor utility, which disables the TorLocker encryption code in around 70 percent of cases.

How can you avoid being a victim of the virus without needing ransomware removal tools, though?

Considering that hackers using the virus target major businesses such as various police departments, it seems almost impossible to avoid. Other targets for ransomware include gaming sites which have been compromised (be wary of any site that allows you to download copyrighted games for free). If a pop-up appears on such a site that you can’t get rid of, it is highly suggested that you run the Task Manager (easily found on Windows by hitting Control + Alt + Delete), close the browser, and then scan your system.

The simplest and cheapest way to avoid it may be to download and install Malwarebytes Anti-Malware and run a custom scan on anything you download before you run or install it. The software is free, although you will have to pay for a full version which scans your system automatically.

Since most of us aren’t hackers, you’re probably best off using Kaspersky Labs’ answer to TorLocker if you find your system infected. This ransomware removal tool might not be 100 percent effective, but if it works, you just saved yourself hundreds of dollars to use your own computer again.

[Images via SecureList, Free Twitter Headers]