The U.S. company whose software was exploited in a recent global ransomware attack has received a universal key needed to decrypt the data belonging to the more than 1,000 businesses and public organizations affected by the attack.
A spokeswoman for the company, Kaseya, would not say how the key was obtained or whether a ransom was paid, AP reported. Spokeswoman Dana Liedholm said only that the key came from a “trusted third party” and that it was being distributing to all victims.
The Russia-linked group REvil was responsible for the ransomware attack, which was launched on July 2.
The group claimed credit for the attack and demanded $70 million worth of bitcoin as ransom to decrypt the software of the affected companies. REvil disappeared from the Internet on July 13.
Among the explanations for why the universal key has now appeared was that Kaseya paid the ransom, some of the affected companies paid the ransom, or the Kremlin seized the key from the criminals and handed it over through intermediaries, ransomware analysts told AP.
The attack was the worst ransomware attack to date. It spread through the Kaseya software used by companies known as managed-service providers to administer multiple customer networks. Among the worst-affected companies was a Swedish grocery chain that was forced to close most of its 800 stores because the attack crippled its cash-register software.
U.S. President Joe Biden repeated a warning to Russian President Vladimir Putin during a call two weeks ago that the United States would take "any necessary action" to defend Americans and critical infrastructure threatened by cyberattacks.
Biden had previously warned Putin about ransomware attacks during the two leaders’ summit in June.