On Thursday Kaseya announced that it obtained a decryptor key from third parties for companies who had been affected by REvil ransomware attack.
REvil ransomware attack: Kaseya obtains decryptor key
A week ago, the ransomware gang went silent on all of its websites, and it had not been clear whether their disappearing act was a sign of defeat. Another assumption was that the US government had taken care of the issue as they had launched an investigation that involved the FBI. President Joe Biden had also said that if Russia was involved, there would be consequences.
Since then, Kaseya says they’ve been working with Emsisoft to support its customer engagement efforts. The company also added that Emsisoft has confirmed that the key is effective at unlocking victims.
“We remain committed to ensuring the highest levels of safety for our customers and will continue to update here as more details become available,” the software company wrote on its blog.
The anti-malware company also noted that “customers who have been impacted by the ransomware will be contacted by Kaseya representatives.”
More than 1 000 companies affected
The attack which took place on 2 July 2021, affected more than 1 000 companies in 17 countries around the world including UK, South Africa, Canada, Argentina, Mexico, and Spain.
The REvil gang is the same group that had previously launched an attack on JSB SA and scored millions in bitcoin.
During this cyber heist, which has been ongoing for more than 19 days now, the group demanded a little over R1 billion ($70 million), claiming it had seized sensitive data from companies around the world.
A Swedish supermarket chain was forced to close hundreds of its stores for three days after the ransomware attack pushed its checkouts offline, IOL reported.
It still hasn’t been confirmed whether the payment had occurred or not. Kaseya has not said how it came by this technology, The Verge reported, saying the company had told Bleeping Computers.