Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Kaseya secures decryptor key following cyber attack

The software has obtained a decryptor for victims of a REvil ransomware attack.

user icon
Tue, 27 Jul 2021
Kaseya secures decryptor key following cyber attack
expand image

Earlier this month, malicious cyber actor REvil demanded a record US$70 million ($95.2 million) to free over 1,000 Kaseya customers, including five Australian firms, from a ransomware attack.

REvil attacked Kaseya’s Virtual System/Server Administrator software, used to monitor and manage infrastructure either by a hosted cloud service or on-premises VSA servers.

However, after seeking advice from external agencies, Kaseya revealed it has now obtained a decryptor for victims of the REvil ransomware attack, and is now working to remediate customers impacted by the incident.

============
============

“We can confirm that Kaseya obtained the tool from a third party and have teams actively helping customers affected by the ransomware to restore their environments, with no reports of any problem or issues associated with the decryptor,” the firm stated.

“Kaseya is working with Emsisoft to support our customer engagement efforts, and Emsisoft has confirmed the key is effective at unlocking victims.”

Kaseya representatives will contact affected customers to assist them with the decryption.

The receipt of the decryptor follows the release of a fake Kaseya patch discovered by Infoblox.

The patch was designed to trick affected users into downloading the malware under the guise of addressing loopholes.

The malware contained within the fake patch included Cobalt Strike, which is often abused by malicious actors.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.