Skip to content

Software vendor caught up in ransomware attack obtains decryptor key

Posted by: GuidePoint Security

< 1 min read

July 22, 2021 – Article posted on CNN

Kaseya, the software firm whose remote access tool was used to deliver REvil ransomware to hundreds of businesses around the world, has obtained a decryptor key allowing the company to unlock networks seized by the malware and is currently helping to restore the systems of customers whose networks were still locked down by REvil’s software.

Others have verified the effectiveness of the key at restoring victim data.

CNN spoke with GuidePoint Security’s principal threat intelligence analyst, Drew Schmitt, who said that although he is not involved with the situation at Kaseya, he’s confident the key should work based on his experience working on ransomware cases. “There are very limited circumstances where I’ve obtained a decryptor during a negotiation and found out it either doesn’t work or found some major problem with it,” Schmitt said. “The percentage of cases or incidents where the decryptor just flat-out doesn’t work is really, really low and is closer to zero than anything.”

Read More HERE.

Categories: Cybersecurity News
Tags:GRIT®

GuidePoint Security

GRIT 2025 Q1 Ransomware & Cyber Threat Report
Trends and threats from the past year, with insights to protect your organization.
Download Now

Related Articles

View All

  • Blog
Navigating Incident Response Documentation
Posted by: Robert Bell
Read More 3 min read
  • GRIT® Blog
Interlock Intrusion: How Interlock Achieves Encryption
Posted by: Jean-Pierre Mouton
Read More 9 min read
  • News
Wiz on Cloud Security in 2025: Navigating the Future of Cyber Threats and Defense
Read More 5 min read