Kaseya can now unlock over a thousand businesses whose data has been encrypted by the REvil ransomware.
Kaseya, a Florida-based firm whose software was hacked in the disastrous REvil ransomware assault in July, has been given a universal key that will unlock all 1,000-plus companies and organizations attacked in the attack.
Dana Liedholm, a Kaseya spokesperson, would to comment on how the key was obtained or whether a ransom was paid, saying only that it came from a “trusted third party” and that the business will share it with all victims.
Possible reasons for how the master key appeared, according to ransomware analysts, include Keseya paying, the government paying, or victims pooling payments.
They speculated that the Krelim may have seized the key from criminals and passed it on through middlemen, or that the attack’s main perpetrator may not have been paid by the gang that utilized ransomware.
Continue reading for more Associated Press reporting:
REvil, the Russia-linked criminal gang behind the attack’s software, vanished from the internet on July 13. This most likely resulted in the affiliate that leased REvil’s virus losing out on potential revenue. The majority of ransoms are usually paid to affiliates. While lesser victims were requested ransoms as low as $45,000, the gang was thought to have been overwhelmed by more ransom negotiations than it could handle. It decided to request between $50 and $70 million for a master key that would unlock all diseases.
Many victims will have rebuilt or restored their networks from backups by now.
It’s a mixed bag, according to Liedholm, because certain areas have been “completely shut off.” She had no idea how much the damage would cost, and she wouldn’t say whether Kaseya was facing any legal action. Before REvil went offline, it’s unclear how many victims paid ransoms.
Kaseya’s so-called supply-chain attack was the worst ransomware attack to date because it spread through managed service provider software, which is used to oversee numerous customer networks and deliver software updates and security fixes.
Following the meeting, President Joe Biden called Russian President Vladimir Putin to urge him to stop offering safe haven to cybercriminals whose costly attacks the US administration considers a national security concern. He has promised to impose a price on Russia if it does not crack down, but he has not indicated what that price will be. This is a condensed version of the information.