Security News > 2021 > July > Kaseya Obtains Universal Decryptor for Ransomware Attack Victims

IT management software maker Kaseya on Thursday said it obtained a universal decryptor that should allow victims of the recent ransomware attack to recover their files.

In early July, cybercriminals exploited vulnerabilities in a Kaseya product to deliver ransomware to MSPs who had been using that product, as well as to the customers of those MSPs. The company estimated that between 800 and 1,500 organizations received the ransomware, although some experts believe the actual number could be higher.

"We can confirm that Kaseya obtained the tool from a third party and have teams actively helping customers affected by the ransomware to restore their environments, with no reports of any problem or issues associated with the decryptor," Kaseya said.

It's unclear how Kaseya got the decryptor, but the company said it was obtained from a "Trusted third party." Cybersecurity company Emsisoft verified the decryptor and confirmed that it works properly, Kaseya said.

The Tor-based website used by the REvil ransomware gang to name victims and leak stolen data went offline roughly ten days after the attack on Kaseya, and it's currently still down.

Due to the fact that the ransomware was delivered to victims via Kaseya software and it immediately started encrypting their data, the cybercriminals did not get a chance to steal information from compromised systems, as they did in past attacks.

News URL

http://feedproxy.google.com/~r/securityweek/~3/RW0iQ3hQFDc/kaseya-obtains-universal-decryptor-ransomware-attack-victims