Cybersecurity firm Bitdefender has made available a universal decryptor for victims of the infamous REvil ransomware, developed in collaboration with an unidentified “trusted law enforcement partner.”
The company says that all victims who’ve had their files encrypted by the REvil ransomware can use the decryptor to restore their files.
The REvil gang mysteriously went offline a couple of months back in July 2021, but has recently surfaced again on underground hacking forums.
“On July 13 of this year, parts of REvil’s infrastructure went offline, leaving infected victims who had not paid the ransom unable to recover their encrypted data. This decryption tool will now offer those victims the ability to take back control of their data and assets,” notes Bitdefender.
Capitalizing on a mistake
REvil disappeared after orchestrating the Kaseya attacks back in July, when its properties on both the dark web and the normal web went offline. The disappearance led to speculation that the group could have been hit by law enforcement agencies.
Bitdefender confirmed as much when it released the universal decryptor, pointing out that it can’t share more details about the tool and REvil’s operations since it’s part of an “ongoing investigation.”
After being offline for about two months, an alleged representative of the gang started engaging with members on the Russian-language Exploit cybercrime forum last week, sharing details about the group’s apparent re-emergence.
Interestingly, the representative claimed that the law enforcement agencies were able to create the universal decryptor only because one of the REvil operatives accidentally generated the universal key, which was then sent along to a victim.
In any case, Bitdefender shared that it believes the gang is back, and urged businesses to be on high alert and take necessary precautions.
Of course, the gang would have made the necessary changes to its infrastructure to ensure that Bitdefender’s universal decryptor doesn’t work for any new victims after the imminent resumption of its malicious activities.
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.