Earlier this month Rev ransomware has received a lot of attention in one of the supply chain cyberattacks that has also hit the computer network.
This attack allowed the spread of malicious updates for this ransomware created by a Russian-speaking group of the same name. Among the affected Kasia customers, managed service providers for other businesses. Nearly 1,500 companies have been affected.
Today, Kasaya Info Victim ransomware victims have received a decryptor, and cybersecurity firm MCSoft has confirmed its effectiveness. ” Teams are actively helping clients affected by ransomware to restore their environment. “
The mystery of the origin of the decryptor
Encryption tool obtained from a third party … without further details. The Rev. group initially claimed 70 million bitcoins per global decryptor.
TO Sleeping computer, Said Casey: ” We can confirm that we have received a decryptor from a trusted third party, but not much can be said about the source. […] We have a tool verified by another third party (Editor’s note: McSoft) and we started distributing it to affected customers. “
So the origin of the decryptor remains a mystery at this point. Kasaya does not want to confirm or deny the ransom.
The sites of the Rev. group have recently been shut down, including in the dark web. The abrupt closure came after a meeting between the US president and his Russian envoy. The issue of ransomware attacks carried out by Russian-based groups was raised.