DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

Free REvil ransomware master decrypter released for past victims

Posted on September 16, 2021September 16, 2021 by Dissent

Lawrence Abrams reports:

A free master decryptor for the REvil ransomware operation has been released, allowing all victims encrypted before the gang disappeared to recover their files for free.

The REvil master decryptor was created by cybersecurity firm Bitdefender in collaboration with a trusted law enforcement partner.

While Bitdefender could not share details about how they obtained the master decryption key or the law enforcement agency involved, they told BleepingComputer that it works for all REvil victims encrypted before July 13th.

Read more on BleepingComputer.

This limited explanation does seem to support claims or speculation about law enforcement involvement  as part of the reason for REvil’s sudden disappearance after the Kaseya attack.  But it also doesn’t necessarily rule out an explanation offered by a new “REvil” on a Russian forum who claims that there was simply a mistake in generating a decryptor key that resulted in a master decryptor being generated and getting out.  That explanation, noted previously on this site, was met with significant skepticism.

 

Related Posts:

  • Fonix ransomware shuts down and releases master…
  • Kaseya obtains universal decryptor for REvil…
  • DarkSide ransomware decryptor recovers victims'…
  • Ragnarok ransomware releases master decryptor after shutdown
  • Ziggy ransomware shuts down and releases victims'…

Post navigation

← LA: Post-Ida cyber attack hits Jefferson Parish courts; closures to last until at least Sept. 20
TX: Lubbock County confirms private information accessible under new computer system, says situation not a data breach →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • AlphV claims they have started contacting some of Tipalti’s clients
  • Research: Privacy as Pretense: Empirically Mapping the Gap Between Legislative & Judicial Protections of Privacy
  • What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US.
  • On September 2nd, the U.S. branch of Great Star Industrial Co. disbursed a ransom of 1 million dollars to a ransomware group
  • Former Public School Information Technology Manager Charged with Damaging School’s Computer Network
  • Sellafield nuclear site hacked by groups linked to Russia and China
  • Hackers steal IDF patient records from cyberattack on Israeli hospital (corrected)
  • AlphV claims an attack before even alerting the victim. How will that work out for them? (1)

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net