NS Florida Kaseya, a company whose software was abused in a devastating July 4 weekend ransomware attack, has a universal key to decipher all over 1,000 companies and public institutions that have failed in a global incident. received.
Kaseya spokeswoman Dana Liedholm did not disclose how to get the keys or pay the ransom on Thursday. She only said it was from a “trusted third party” and Kaseya distributed it to all victims.
Ransomware analysts provided several possible explanations for why a master key was introduced that could unlock the scrambled data of all victims of an attack. They include: Kaseya paid. Government paid; many victims pooled funds. NS Kremlin He seized the key from the criminal and handed it over through an intermediary. Alternatively, the protagonist of the attack may not have been rewarded by the gang where the ransomware was used.
The Russian-linked criminal organization REvil, where the malware was used in the attack, disappeared from the Internet on July 13. This could have robbed affiliates who leased REvil’s malware of potential income. Affiliates usually earn most of the ransom. Small victims were required to pay as low as $ 45,000, but the gang was thought to have been overwhelmed by ransom negotiations beyond control. It has decided to require $ 50 to $ 70 million for master keys to unlock all infections.
Many victims are now rebuilding their networks or restoring from backups.
According to Liedholm, this is a mixed bag, as some are “completely blocked.” She did not have an estimate of the amount of damage and did not comment on whether a proceeding was filed against Kaseya. It’s not clear how many victims paid the ransom before REvil went dark.
The so-called Kaseya supply chain attack is the worst ransomware ever, as companies called managed service providers have spread through the software they use to manage multiple customer networks and provide software updates and security patches. It was an attack.
President Joe Biden Called him Russia One, Vladimir Putin He then pressured the US government to stop providing safe havens for cybercriminals conducting costly attacks that it considers a national security threat. He threatened to pay Russia for the failure to crack down. However, it has not identified possible steps for the United States.
If the universal decryption tool for the Kaseya attack was handed over without payment, this is not the first time a ransomware criminal has done so. This happened in May after the Contigang disrupted Ireland’s national health service and the Russian embassy in Dublin offered to “support the investigation.”
Ransomware victim Kaseya gets master key and unlocks network Joe Biden Ireland Vladimir Putin Kremlin Dublin
Source link Ransomware victim Kaseya gets master key and unlocks network Joe Biden Ireland Vladimir Putin Kremlin Dublin