InvestorsHub Logo
Boards
News
Market Data
Markets
Discover
Discover
Subscribe Login/Register
S&P 500
5,537.02
(
0.51%
)
US TECH 100
19,655.20
(
0.07%
)
Dow Jones
39,308.00
(
0.00%
)
Brent Oil
87.09
(
-0.27%
)
Bitcoin
55,385.01
(
-2.83%
)
Post# of 48181
Next 10
Reply Private New
Public Reply Private Reply New Post
Keep Last Read
Replies (2) Keep Next 10 Report Keyboard Shortcuts
Replies (2) Next 10 Prev Next

scion

Send PM Follow Ignore
Followers 245
Posts 55847
Boards Moderated 12
Alias Born 04/12/2001

scion

Member Level

Re: scion post# 47141

Saturday, 07/24/2021 8:40:08 AM

Saturday, July 24, 2021 8:40:08 AM

Post# of 48181
One of the Most Prolific Ransomware Viruses Can Now Be Unlocked Easily

ANDREW HEINZMAN
@andrew_andrew__
JUL 23, 2021, 12:28 PM EDT | 1 min read
https://www.reviewgeek.com/93021/one-of-the-most-prolific-ransomware-viruses-can-now-be-unlocked-easily/

Kaseya, an IT management software firm, says that it’s obtained the REvil universal decryption key through a “trusted third party.” This should help Kaseya recover data from a July 4th REvil ransomware attack that affected over 1,500 businesses.

REvil is one of several ransomware groups operating out of Eastern Europe. It carried out a supply chain ransomware attack on Kaseya by exploiting a vulnerability in the company’s VSA product—a platform that Kaseya uses to distribute software to its customers. Kaseya claims that it was days away from patching this vulnerability when the hack occurred.

In the end, REvil’s ransomware affected 60 of Kaseya’s customers and over 1,500 downstream networks. The ransomware group demanded $70 million in exchange for a universal decrypter tool, though til this point, Kaseya has avoided such a deal.

So how did Kaseya get the REvil universal decryption key? It’s possible, though unlikely, that the IT firm forked over $70 million to the REvil group. A more plausible explanation is that REvil or a third party, possibly the White House or Kremlin, handed the key to Kaseya for free.

Of course, this is just speculation. But several of REvil’s dark web sites disappeared last week following a phone call between President Biden and Vladimir Putin. In a press conference on Friday, July 9th, the president claimed that he “made it very clear to [Putin] that the United States expects, when a ransomware operation is coming from their soil even though it’s not, not, sponsored by the state, that we expect them to act.”

The president also confirmed that there would be consequences for future attacks, and that the U.S. is justified in targeting servers that host ransomware operations.

Regardless of how Kaseya got its hands on the REvil decrypter, the software firm can now unlock data that businesses lost in the July 4th ransomware attack (and other REvil attacks). Hopefully, this breakthrough will reduce the number of ransomware attacks that occur in the future.

Source: The Guardian via ZDNet

https://www.reviewgeek.com/93021/one-of-the-most-prolific-ransomware-viruses-can-now-be-unlocked-easily/
Public Reply Private Reply New Post
Keep Last Read
Replies (2) Keep Last Read Next 10 Report Keyboard Shortcuts
Replies (2) Next 10 Prev Next

Join the InvestorsHub Community

Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.

Sign Up