The National Police Agency announced it has developed specialized software to recover data encrypted by Phobos and 8Base ransomware attacks.
The tool will allow users of PCs and other electronic devices to readily “mend” their stored information, even if they have no relevant technical expertise.
It means victims facing extortion will no longer have to worry about paying cash to cyber criminals.
The anti-ransomware app is available on the NPA’s website as well as the No More Ransom page operated by the European Union Agency for Law Enforcement Cooperation (Europol).
“We expect victims of cyberattacks to actively take advantage of the software,” an NPA official said on July 17.
Approximately 2,000 cyberattacks linked to Phobos and 8Base have been confirmed around the world since 2018, with at least 22 countries affected.
Around 90 companies and local governments in Japan across 29 prefectures are believed to have been affected by ransom threats since 2020.
One especially notable cyberattack in October 2022 targeted the Osaka General Medical Center in Osaka, rendering electronic care records and medical fee calculations inaccessible.
The data restoration software was developed after the NPA’s national cyber department discovered a ransomware generator program on the dark web.
This part of the internet is accessible exclusively through certain software. A range of illegal goods and information are traded on the dark web, as data transmission sources are difficult to trace.
With assistance from the FBI, the NPA identified the necessary code for encryption recovery in May of this year.
The Japan-U.S. collaboration led to completion of the new application, with a male technical officer in his 30s from the NPA’s national cyber department playing a key role in the endeavor.
Entering encrypted data into the app can effectively repair the files “100 percent.” The original data may appear within seconds, depending on the amount of inputted information.
The NPA emphasized that the software’s effectiveness was confirmed in tests by the FBI, among other parties.
Currently, Tokyo is part of a joint international investigation into Phobos and 8Base. Five Russian men suspected of playing leading role in ransomware attacks have been arrested since 2024.
In December 2023, the NPA’s national cyber department created an anti-ransomware restoration tool to protect online users from a cybercriminal group known as LockBit.
A spate of countries are now using the app, the NPA said.
