...
...
Next Story

Kaseya ransomware attack: IT firm obtains decryptor tool from ‘trusted third party’ nearly 20 days after hack

“We can confirm that Kaseya obtained the tool from a third party and have teams actively helping customers affected by the ransomware to restore their environments,” the company said in a statement.

Published on: Jul 23, 2021 05:19 PM IST
Written by | Edited by , Hindustan Times, New Delhi
Prefer HTon Google
Advertisement

Kaseya Corporation, a US-based IT firm that was recently the victim of a massive ransomware attack, said that it had acquired a third party tool to unlock the networks that were affected by the hack. The company also said that it is helping its customers affected by the ransomware to restore their affected operations.

Following the attack, hackers demanded $70 million in Bitcoin from Kaseya Corporation as ransom. (Representational image)
Following the attack, hackers demanded $70 million in Bitcoin from Kaseya Corporation as ransom. (Representational image)

“We can confirm that Kaseya obtained the tool from a third party and have teams actively helping customers affected by the ransomware to restore their environments,” news agency AFP reported citing a statement released by Kaseya Corporation earlier on Thursday. "Kaseya is working with Emsisoft to support our customer engagement efforts, and Emsisoft has confirmed the key is effective at unlocking victims," it further said.

Also read | REvil ransomware attack: Experts cast doubts as IT firm Kaseya says 800 to 1,500 customers compromised

However, the “third party” from which the tool was obtained to decrypt the hacked data was not mentioned by the company. According to Kevin Collier, a reporter with NBC News, Kaseya got the decryption tool from a “trusted third party” as was confirmed by a company spokesperson. In a tweet regarding the news, Collier further suggested that there were three ways in which Kaseya could have obtained the key - The US government obtained it via diplomatic channels with Russia or Russia asked REvil, the ransomware group behind the attack, to turn over the decryptor or Kaseya had paid the ransom and obtained the key. Emsisoft, a company offering cybersecurity solutions, is also involved along with Kaseya in restoring services for their customers, Collier further said.

Following the attack, hackers demanded $70 million in Bitcoin from Kaseya as ransom. The company then released a statement on July 6, saying that the attack had only limited impact. “The attack had limited impact, with only approximately 50 of the more than 35,000 Kaseya customers being breached,” the statement said. Despite this, several cybersecurity companies and experts had expressed their doubts about the limited impact, suggesting it could take more time to gauge the complete impact of the attack. Meanwhile, Coop had said that it had closed several of its stores because of crippled cash registers due to the attack earlier. It also said that alternate payment methods were being used in stores that remained open.

(With agency inputs)

 
Get the latest headlines from US news and global updates from Pakistan, Nepal, UK, Bangladesh, Russia and US Iran war Live, get all the latest headlines in one place on Hindustan Times.
Get the latest headlines from US news and global updates from Pakistan, Nepal, UK, Bangladesh, Russia and US Iran war Live, get all the latest headlines in one place on Hindustan Times.
SHARE THIS ARTICLE ON
Hindustantimes wants to start sending you push notifications. Click allow to subscribe