Hacked US Tech Firm Secures Tool To Restore Services

A US IT firm that was attacked by a huge ransomware attack said it had secured a decryption tool that would allow it to open networks for the approximately 1,500 firms affected.

Kaseya, based in Miami, took down its servers following the July 2 attack, which disrupted companies ranging from pharmacies to petrol stations in at least 17 countries and forced the majority of Sweden’s 800 Coop supermarkets to close their doors for several days.

“We can confirm that Kaseya got the tool from a third party and that teams are actively assisting clients hit by the ransomware in restoring their environments,” Kaseya stated in a statement issued Thursday.

The company did not reveal the third party that was utilized to obtain the decryptor, nor did it clarify whether it had paid the hackers, who requested $70 million in bitcoin in exchange for data obtained during the attack.

“Kaseya is collaborating with Emsisoft to enhance our customer engagement efforts, and Emsisoft has proven the key’s effectiveness in unlocking victims,” the business claimed.

Ransomware assaults, an increasingly lucrative kind of digital hostage-taking, primarily involve hackers encrypting victims’ files and then demanding money to recover access.

Russia-based hackers REvil are generally suspected of being behind the ransomware scheme after releasing confidential data from organizations whose machines they took over on their “Happy Blog” in order to persuade them to pay a ransom.

US Vice President Joe Biden warned his Russian counterpart Vladimir Putin not to harbor cybercriminals and said that Washington would take action in the face of increasing online threats.

REvil went offline shortly after the warnings, prompting concern as to whether their disappearance was the result of government-led action.

While Kaseya is relatively unknown to the general public, researchers believe it was a prime target because its software is utilized by approximately 40,000 firms, allowing the hackers to cripple multiple enterprises with a single hit.

The company provides cybersecurity and IT services to smaller businesses, allowing hackers to infiltrate Kaseya’s clients and affiliates.

This site uses cookies to offer you a better browsing experience. By browsing this website, you agree to our use of cookies.