The FBI had digital keys that would have been unlocked. However, according to a report in the Washington Post on Tuesday, these keys were withheld for three weeks to target the hackers. The agency received the encryption keys after gaining access to the servers of the Russia-based criminal gang REvil, following the group’s instructions.
The group then attacked Miami-based IT firm Kaseya, which said 54 of its customers were directly infected but also estimated that the attacks infected between 800 and 1,500 companies with Kaseya software. Many of the companies have been forced to resolve the problem at a substantial cost. The FBI reportedly gave Kaseya the decryption key on July 21, but a spokesman for Kaseya told the Post that the company did not know how many of its 54 customers could use the key.
On Thursday, Romanian cybersecurity firm Bitdefender released a decryption key that allegedly can unlock computers affected by any of the REvil ransomware encryptions deployed before July 13, but not those affected by later versions of the malware. It hasn’t yet named the law enforcement agency it worked with to obtain and release the key.
BREAKING – Working with a trusted law enforcement agency, we released a universal decryptor for Revil / Sodinokibi. Read more about Bitdefender Labs: https://t.co/NCfY1pQFDC
– BitdefenderLabs (@BitdefenderLabs) September 16, 2021
The outlet noted that since REvil reappeared this month, eight new victims have been struck by the group’s attacks, including a legal aid service for the poor.
The FBI declined CNET’s request for comment.