Ransomware key to unlocking customer data from REvil attack

Ransomware key to unlocking customer data from REvil attack.

US IT firm Kaseya, which was the first to be attacked earlier this month, said it obtained the key from a “trusted third party.”

Ransomware is malicious software that steals computer data and encrypts it so that the victim cannot access it.

The hackers then requested payment in exchange for releasing the files.

Kaseya’s decryption key will allow customers to recover lost files without paying the ransom.

Company spokesperson Dana Liedholm declined to answer whether Kaseya had paid for access to the key.

She told the Bleeping Computer technology blog that the company was actively helping clients restore their files.

The “supply chain” attack initially targeted Kaseya before spreading across corporate networks using her software.

Kaseya estimated that between 800 and 1,500 businesses were affected, including 500 Swedish Coop supermarkets and 11 schools in New Zealand.

After the attack in early July, the REvil ransomware criminal gang demanded $70 million in Bitcoin in exchange for a key that would unlock the stolen files.

But members of the group disappeared from the internet in the days after the incident, leaving companies with no way to recover the data until now.