When Ransomware Group REvil Vanished, Its Victims Were Stranded
While Kaseya clients and their clients got some welcome help in the past few days when Kaseya announced that they had a universal decryptor go give clients — a decryptor that they claim they did not pay anyone in any way to obtain — there are are still other victims of REvil struggling. Kartikay Mehrotra reports
According to two people familiar with REvil’s targets, at least three victimized companies that were left in the lurch when the group went offline were able to fully restore operations using still-accessible backup files. Six others have partially restored services, said the people, who asked to remain anonymous discussing private information. But many of the rest of the victims—including manufacturers healthcare providers and private schools—were left to frantically reach out to their MSPs, competitors and cyber research firms in what was ultimately a fruitless hunt for a functional decryption key. Unfortunately, landing a key that works on multiple victim networks is extremely rare.
Read more on Bloomberg.