Kaseya receives decryption key for massive ransomware breach

·1 min read

Middleware provider Kaseya said Thursday it received a key to unlock the encrypted computers of more than 1,000 companies after a Russian-based hacking group locked the systems as part of a massive ransomware campaign earlier this month, according to AP.

Why it matters: The company would not disclose how it obtained the key or if it paid a ransom to REvil, the group behind the breach, but it said the key was working and its customers around the world were regaining access to their systems.

Get market news worthy of your time with Axios Markets. Subscribe for free.

  • REvil conducted the campaign by exploiting a flaw in software that Kaseya supplied to its customers, who are themselves managed service providers that provide IT management and other core network functions for businesses.

The big picture: Kaseya's announcement comes a bit over a week after dark web sites that REvil used to facilitate its ransom negotiations mysteriously went offline.

  • It's still unknown whether the sites went down because of a technical problem, a law enforcement operation, or some other explanation.

  • REvil at one point demanded $70 million to restore data they claimed for ransom through the July 4 weekend operation that targeted Kaseya.

Go deeper: State Department offers $10 million in rewards for cyber crime information

More from Axios: Sign up to get the latest market trends with Axios Markets. Subscribe for free

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting