{"id":309049,"date":"2021-07-27T08:03:16","date_gmt":"2021-07-27T05:03:16","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/kaseya-recovers-data-stolen-in-ransomware-attack-with-mysterious-decryption-tool\/"},"modified":"2021-07-27T08:03:16","modified_gmt":"2021-07-27T05:03:16","slug":"kaseya-recovers-data-stolen-in-ransomware-attack-with-mysterious-decryption-tool","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/kaseya-recovers-data-stolen-in-ransomware-attack-with-mysterious-decryption-tool\/","title":{"rendered":"# Kaseya recovers data stolen in ransomware attack with mysterious decryption tool"},"content":{"rendered":"

# Kaseya recovers data stolen in ransomware attack with mysterious decryption tool <\/strong>”
\n<\/p>\n

IT software provider, Kaseya, has announced it is providing its clients with a decryption tool to recover customer data that was locked in a ransomware attack earlier this month.<\/p>\n

In a July 26\u00a0notice<\/a> on its website, the global technology<\/a> firm stated it has been assisting its customers with the restoration of their encrypted data in partnership with cybersecurity company Emsisoft.<\/p>\n

It has been issuing a mysterious \u201cdecryptor\u201d tool enabling customers to access data that had been locked by the malware disseminated in the July 2 attack.<\/p>\n

\u201cThe decryption tool has proven 100% effective at decrypting files that were fully encrypted in the attack.\u201d<\/p><\/blockquote>\n

The company has denied paying the $70 million in Bitcoin to the Russian hacker group, REvil \u2014 which took responsibility for the attack. Kaseya did not disclose how it came across the decryption software either, stating only that has not paid any ransom to get it.<\/p>\n

Kaseya confirmed that, after consultation with experts, it decided not to negotiate with the criminals who perpetrated the attack, stating:<\/p>\n

\u201cWe are confirming in no uncertain terms that Kaseya did not pay a ransom \u2013 either directly or indirectly through a third party \u2013 to obtain the decryptor.\u201d<\/p><\/blockquote>\n

On July 2, the ransomware hacking group REvil brought the networks of at least 200 U.S. companies to their knees by leveraging an unpatched zero-day vulnerability in Kaseya’s IT management and automation software (VSA).<\/p>\n

Related:<\/em><\/strong> <\/em>Don\u2019t blame crypto for ransomware<\/em><\/p>\n

The news<\/a> comes as ransomware is coming under increasing scrutiny from lawmakers.<\/p>\n

According to a July 9 Cointelegraph report, Michele Korver\u2019s app<\/a>ointment to the U.S. Financial Crimes Enforcement Network (FinCEN) promises to reduce illicit financial practices within the crypto space. During her previous tenure at the Department of Justice, she developed cryptocurrency seizure and forfeiture policy and legislation.<\/p>\n

U.S. senators and politicians have come down hard on the cryptocurrency sector, largely blaming the technological phenomenon for the increase in ransomware attacks. Following the Colonial Pipeline and JBS attacks in May and June, there were calls for a crackdown on cryptocurrency in the U.S. senate after digital assets were dubbed the \u201cransom payment of choice\u201d for hackers.<\/p>\n

Meatpacker JBS paid an $11 million Bitcoin ransom to REvil, while Colonial made a $4.4 million BTC payment to Russia-linked DarkSide. <\/p>\n