The cyber security firm, Bitdefender has just released a universal decryptor for the REvil ransomware which will work for any victims who were attacked before the 13th of July. The decryptor was made in collaboration with an unidentified “trusted law enforcement partner.”
This decyptor will enable victim who didn’t pay or couldn’t pay after REvil went offline following their attack on Kaseya earlier this year, in July. Bitdefender didn’t provide any more details on how they got hold of this tool or the details of the involvement of the “trusted law enforcement partner”. There is a belief that that the law enforcement partner, which is involved, was able to create the universal decryptor based on an interaction of a REvil operative who accidentally generated the universal key that was sent along to a victim.
But for any victim from the REvil ransomware gang since 13th of July, the decryptor doesn’t work as the gang have made changes that prevent Bitdefender’s universal decryptor from being able to decrypt any encrypted file of any new victims since REvil’s return to the dark web.
© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.