Posted on 07/23/2021 4:44:10 PM PDT by dynachrome
Earlier this month, a massive supply chain attack conducted by the REvil ransomware gang hit the cloud-based managed service provider platform Kaseya, impacting both other MSPs using its VSA software and their customers.
For the initial attack vector, REvil operators exploited an authentication bypass zero-day (CVE-2021-30116) in the web interface of the Kaseya VSA server to gain an authenticated session. Then, the attackers uploaded the payload and executed a command via SQL injection to deploy the malicious updates. Ransomware operators initially asked the owners of systems infected in this campaign for $44,999 worth of Bitcoin. Later, they changed tactics and demanded a single massive ransom of $70 million from all of the victims.
Kaseya has now announced that it has received from a trusted third party a universal decryptor that allows victims of the ransomware attack to recover their files for free.
The software firm tested the tool and verified that it successfully recovers the files encrypted with the REvil ransomware. The company is now providing the tool to its customers to help them restore the encrypted systems. The company confirmed that fewer than 60 of its customers and less than 1,500 businesses have been impacted by the attack.
The availability of a universal decryptor made headlines, but the company did not reveal whether it obtained the tool after paying the ransom.
We cannot exclude that the REvil operators have released the decryptor for free to avoid the pressure of the authorities and law enforcement.
(Excerpt) Read more at securityaffairs.co ...
Or the ransomware hackers were found and liquidated after yielding the decrypting application under “enhanced interrogation” techniques.
“or someone talked.”
or MADE to talk ...