Free decryptor key for REvil/Sodinokibi ransomware released
The key was made possible thanks to a collaboration between law enforcement and Bitdefender
Cyber security firm Bitdefender has collaborated with a law enforcement agency to create a free decryptor for REvil/Sodinokibi ransomware.
Researchers at the company worked with an unnamed agency to release a free, universal decryptor key capable of unlocking the data of any organizations affected by the ransomware, according to a blog post.
The company said that the tool will help victims encrypted by REvil ransomware to restore their files and recover from attacks made before July 13, 2021. This date was when parts of REvil’s infrastructure went offline, leaving infected victims who had not paid the ransom unable to recover their encrypted data.
Bitdefender said that the investigation into the ransomware gang is “ongoing” and would not be able to comment on details related to this case until authorized by the lead investigating law enforcement partner.
“Both parties believe it is important to release the universal decryptor before the investigation is completed to help as many victims as possible,” the firm said in a statement.
Researchers warned that new REvil attacks are imminent after the ransomware gang’s servers and supporting infrastructure recently came back online after a two-month hiatus.
“We urge organizations to be on high alert and to take necessary precautions,” the researchers added.
RELATED RESOURCE
The business guide to ransomware
Everything you need to know to keep your company afloat
REvil is regarded as a ransomware as a service (RaaS) operator, mostly likely based in a country in Eastern Europe, or Russia. The gang surfaced in 2019 as a successor of the now-defunct GandCrab ransomware. REvil is one of the most prolific examples of ransomware on the dark web as affiliates have targeted thousands of organizations worldwide.
The affiliates encrypt data before demanding huge ransoms, sometimes up to $70 million in exchange for a decryptor key.
Victims of REvil ransomware can download the new decryption tool for free to recover their data from Bitdefender’s website. A step-by-step tutorial on how to use the REvil decryption tool is available here.
-
Sumo Logic expands European footprint with AWS Sovereign Cloud dealNews The vendor is extending its AI-powered security platform to the AWS European Sovereign Cloud and Swiss Data Center
-
Going all-in on digital sovereigntyITPro Podcast Geopolitical uncertainty is intensifying public and private sector focus on true sovereign workloads
-
Ransomware gangs are using employee monitoring software as a springboard for cyber attacksNews Two attempted attacks aimed to exploit Net Monitor for Employees Professional and SimpleHelp
-
Ransomware gangs are sharing virtual machines to wage cyber attacks on the cheap – but it could be their undoingNews Thousands of attacker servers all had the same autogenerated Windows hostnames, according to Sophos
-
Google issues warning over ShinyHunters-branded vishing campaignsNews Related groups are stealing data through voice phishing and fake credential harvesting websites
-
The FBI has seized the RAMP hacking forum, but will the takedown stick? History tells us otherwiseNews Billing itself as the “only place ransomware allowed", RAMP catered mainly for Russian-speaking cyber criminals
-
Everything we know so far about the Nike data breachNews Hackers behind the WorldLeaks ransomware group claim to have accessed sensitive corporate data
-
There’s a dangerous new ransomware variant on the block – and cyber experts warn it’s flying under the radarNews The new DeadLock ransomware family is taking off in the wild, researchers warn
-
Hacker offering US engineering firm data online after alleged breachNews Data relating to Tampa Electric Company, Duke Energy Florida, and American Electric Power was allegedly stolen
-
Cybersecurity experts face 20 years in prison following ransomware campaignTwo men used their tech expertise to carry out ALPHV BlackCat ransomware attacks
