Ransomware key to unlock customer data from REvil attack | Loop Vanuatu
 

Ransomware key to unlock customer data from REvil attack

A computer key that can unlock the files of hundreds of companies which were hacked in a large-scale cyber-attack has been obtained.

US IT firm Kaseya - which was the first to be targeted earlier this month - said it got the key from a “trusted third party”.

Ransomware is malicious software that steals computer data and scrambles it so the victim cannot gain access.

The hackers then ask for payment in return for releasing the files.

Kaseya’s decryptor key will allow customers to retrieve missing files, without paying the ransom.

The company’s spokeswoman Dana Liedholm declined to answer whether Kaseya had paid for access to the key.

She told tech blog Bleeping Computer that the firm was actively helping customers restore their files.

The "supply chain" attack initially targeted Kaseya, before spreading through corporate networks which use its software.

Kaseya estimated that between 800 and 1,500 businesses were affected, including 500 Swedish Coop supermarkets and 11 schools in New Zealand.

After the attack at the beginning of July, criminal ransomware gang REvil demanded $70m worth of Bitcoin in return for a key that would unlock the stolen files.

But members of the group disappeared from the internet in the days following the incident, leaving companies with no way of retrieving the data until now.