Ransomware victims panicked while FBI secretly held REvil decryption key

22/09/2021

The seal of the Federal Bureau of Investigation (FBI) is seen at the J. Edgar Hoover building in Washington, D.C.

For three weeks during the REvil ransomware attack this summer, the FBI secretly withheld the key that would have decrypted data and computers on up to 1,500 networks, including those run by hospitals, schools, and businesses.

The FBI had penetrated the REvil gang’s servers to obtain the key, but after discussing it with other agencies, the bureau decided to wait before sending it to victims for fear of tipping off the criminals, The Washington Post reports. The bureau had hoped to take down the gang’s operations, sources told the Post.

Instead, REvil went dark on July 13 before the FBI could step in. For reasons that haven’t been explained, the FBI didn’t cough up the key until July 21.

“We make the decisions as a group, not unilaterally,” FBI Director Christopher Wray told Congress on Tuesday. “These are complex… decisions, designed to create maximum impact, and that takes time in going against adversaries where we have to marshal resources not just around the country but all over the world.”

Years of disruption

REvil has a long history of using high-pressure tactics to extort victims. The Russia-based gang first appeared in 2019, and it was on a tear earlier this year. In March, the group hacked a celebrity law firm that represented U2, Madonna, and Lady Gaga, demanding $21 million. When the law firm balked, REvil doubled the demand and released some of Lady Gaga’s files. In April, the gang stole data from contract manufacturer Quanta Computer, publishing details of two Apple products. Then in May, it shut down Colonial Pipeline’s operations from New Jersey to Texas, leading to fuel shortages.

The group resurfaced this summer when it disrupted operations at Brazil-based meat processor JBS and caused several plants in the US, Canada, and Australia to shut down. It struck again when it exploited a zero-day in remote management tools made by Kaseya, a Florida-based IT firm. The hole in the company’s VSA product gave REvil access to 54 service providers who manage networks for up to 1,500 businesses and other organizations.

Grocery stores in Sweden, town halls in Maryland, schools in New Zealand, and a hospital in Romania were all affected by the attack. Coop, the Swedish grocery store chain, closed around 700 stores and took some six days to reopen. Other victims spent weeks restoring their systems.

They’re back

Last Thursday, cybersecurity firm Bitdefender published a universal decryptor tool for networks and computers encrypted before REvil’s hibernation began on July 13. About 250 victims have used the tool so far, a Bitdefender executive said. The key that made the tool possible reportedly came from a law enforcement agency—but not the FBI.

Despite the FBI’s efforts to take it down, REvil is back this month with a new string of attacks, ensnaring at least eight new victims, the Post reported. The Bitdefender tool, however, won’t work for the new victims, a sign that REvil has retooled its operations after a brief downtime.
