Security News > 2021 > August > Kaseya's universal REvil decryption key leaked on a hacking forum

Kaseya's universal REvil decryption key leaked on a hacking forum
2021-08-11 06:01

The universal decryption key for REvil's attack on Kaseya's customers has been leaked on hacking forums allowing researchers their first glimpse of the mysterious key.

On July 22nd, Kaseya obtained a universal decryption key for the ransomware attack from a mysterious "Trusted third party" and began distributing it to affected customers.

To be clear, while it was originally thought that the decryption key in this screenshot might be the master 'operator' key for all REvil campaigns, BleepingComputer has confirmed that it is only the universal decryptor key for victims of the Kaseya attack.

The leaked key generates public key F7F020C8BBD612F8966EFB9AC91DA4D10D78D1EF4B649E61C2B9ADA3FCC2C853.

BleepingComputer tested the leaked key by patching an REvil universal decryptor with the decryption key leaked in the screenshot.

Regardless of the reasons for it being posted, for those following the Kaseya ransomware attack, this is our first access to the universal decryptor key that Kaseya mysteriously received.


News URL

https://www.bleepingcomputer.com/news/security/kaseyas-universal-revil-decryption-key-leaked-on-a-hacking-forum/