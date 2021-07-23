



BOSTON (AP) The Florida company whose software was utilized in the devastating ransomware’s fourth weekend of July attack has received a universal key that will decipher all of the more than 1,000 businesses and public organizations damaged in the incident. global. Kaseya spokeswoman Dana Liedholm did not say Thursday how the key was obtained or whether a ransom was paid. She only said it came from a trusted third party and that Kaseya was distributing to all the victims. Cybersecurity firm Emsisoft confirmed that the key worked and was offering support. Ransomware analysts offered multiple possible explanations as to why the key, which can unlock mixed data of all attack victims, has now appeared. They include: Paid cashier; a paid government; a number of joint victim funds; The Kremlin seized the key from the criminals and handed it to them through intermediaries or perhaps the main attacker was not paid by the gang whose ransomware was used. The Russia-linked criminal syndicate that supplied the malware, REvil, disappeared from the Internet on July 13. This is likely to deprive anyone who carried out the revenue attack because such associates shared rewards with unions that rent them ransomware. In the Kaseya attack, the union was believed to be overwhelmed by more reward negotiations than it could manage and decided to ask for $ 50 to $ 70 million for a key that would unlock all the infections. By now, many victims will have rebuilt their networks or recovered them from bookings. It’s a mixed bag, Liedholm said, because some have been in complete blockage. She had not estimated the cost of the damage and would not comment on whether any lawsuits could have been filed against Kaseya. It is not clear how many victims may have paid the rewards before REVIL went dark. The so-called Kaseya supply chain attack was the worst ransomware attack to date because it spread through the software that companies known as managed service providers use to manage multiple customer networks, offering software updates and fixes. security. President Joe Biden called on his Russian counterpart, Vladimir Putin, then to press him to stop providing a safe haven for cybercriminals whose costly attacks the U.S. government deems a national security threat. He has threatened to make Russia pay a price for failing to strike, but has not specified what action the United States can take. If the universal decryptor for the Kaseya attack were to return free of charge, it would not be the first time ransomware criminals have done so. This came after the Conti gang hobbled the Irelands national health care service in May and the Russian Embassy in Dublin offered assistance with the investigation.

