The American software company Kaseya, who recently occupied the media after a ransomware attack which influenced her and many other companies, has now access the universal decryption key for ransomware REvil.
The company announced yesterday its access to the decryption tool, about 20 days after attack that took place on 2 July.
The attack affected 60 Kaseya customer companies and about 1.500 customers of these companies. Many of the victims who used Kaseya software had problems for days due to the ransomware attack.
According to Kaseya, the security company Emsisoft confirms decryption key unlocks files encrypted with REvil ransomware.
"We can confirm that Kaseya has acquired the tool and we have teams helping clients recover their environment without reporting any problems or issues with the decryption tool" Kaseya said in a statement.
Kaseya is working with Emsisoft to help customers affected by this incident.
A customer whose name we do not know said last week that he paid ransom in ransomware gang REvil, but could not decrypt its files with the decryption key given to it by hackers.
REvil gang sites were found offline last week, when the President of the United States Joe Biden pressured the Russian president Vladimir Putin to take action to suppress the activities of cybercriminals based in Russia and targeting US companies.
Learn more: REvil Ransomware: Disable gang sites
Biden reportedly told Putin that critical infrastructure should be protected. We do not forget the problems that arose after the ransomware attack of the DarkSide gang on Colonial pipeline.
It is not clear whether Kaseya paid the ransom demanded by the hackers ($ 70 million). A Kaseya spokesman told The Guardian that the company obtained the decryption tool from a "trusted source".
While some of the victims of the attack had managed to restore their systems, others remained offline. Therefore, this decryption tool can help a large number of companies.