Florida Company Receives Master Key Following Ransomware Attack | WABNEWS

Kaseya, the Florida company whose software was exploited in the extortion (ransomware) attack launched on the weekend of July 4, has received a universal key that will decrypt the data of the more than 1,000 public companies and organizations that were viewed. affected. Kaseya spokeswoman Dana Liedholm did not say on Thursday how the key was obtained or if any ransom had been paid. He only commented that it came from a “trusted third party” and that Kaseya was distributing it to all victims. The cybersecurity company Emsisoft confirmed that the key worked and that it was providing help. The ransomware analysts offered several possible explanations as to why the master key has now appeared, which can unlock the encrypted data of all victims of the attack. Among them are that Kaseya or a government made a payment, that several victims raised the funds, that the Kremlin obtained the key from the criminals and handed it over through intermediaries, or that perhaps the main protagonist of the attack did not receive payment from the group. whose ransomware was used. REvil, the Russian-linked criminal group that provided the malware, disappeared from the internet on July 13. That likely starved those who carried out the attack of revenue, as these partners share the revenue with the groups that rent the ransomware from them. In Kaseya’s attack, the group is believed to have been overwhelmed by more ransom negotiations than it could handle, and decided to ask for between $ 50 million and $ 70 million for a master key that would unlock all infections. By now, many victims will have rebuilt their networks or restored them from backups. There’s a bit of everything, Liedholm said, because some “have been in complete lockdown.” It also did not have an estimate of the cost of the damages and did not comment on whether lawsuits have been filed against Kaseya. It is not clear at this time how many victims could have made ransom payments before REvil disappeared. Kaseya’s so-called outsourced attack was the worst ransomware incident to date, because it was spread through software that companies known as managed service providers use to manage the networks of multiple customers, delivering software updates and patches. security. Connect with the WABNEWS! Subscribe to our YouTube channel and activate notifications, or follow us on social networks: Facebook, Twitter

and Instagram.