Home Technology Kaseya obtains REvil ransomware decryptor key – The Washington Post

Kaseya obtains REvil ransomware decryptor key – The Washington Post

by Bioreports

The company hit by a massive ransomware attack just before July Fourth weekend said it has obtained a computer key to unlock the files of hundreds of companies.

Kaseya, an information technology company, said it got the universal decryptor key from a “trusted third party” and has validated that it works. Spokeswoman Dana Liedholm said Kaseya received the key Wednesday and has been working with customers to roll it out.

Liedholm declined to say whether Kaseya paid a ransom to obtain the key.

Kaseya provides a software that allows companies to manage their computer systems, and it supplies that to managed service providers that in turn service tens of thousands of companies. The affected software spread to between 800 and 1,500 companies, Kaseya estimated. Those companies were then unable to access their files. Instead, they were prompted to pay a ransom to get a decryptor key that would return control to them. The ransom demands ranged from $45,000 for smaller companies up to $5 million for larger ones.

The ransomware attack was the latest in a string of high-profile attacks stemming mainly from organized groups of hackers based in Eastern Europe. The frequency and severity of such attacks have increased in the past two years, especially as hackers band together to make the attacks more lucrative.

Hackers made their way into Kaseya’s software by discovering a vulnerability in the company’s software and using that to get into their system. But most ransomware attacks use relatively unsophisticated methods to break into computers, such as sending phishing emails that trick employees into opening an attachment or clicking on a link that downloads malicious software, which goes on to encrypt files and bar access to the whole network.

Some experts conservatively estimate that hackers received $412 million in ransom payments just last year.

A high-profile attack against Colonial Pipeline in May caused panicked fuel-buying and long lines at gas stations. Another attack, against meat supplier JBS, temporarily shut down meat plants across the United States. The company eventually paid hackers $11 million to restore its systems.

You may also like

Leave a Reply