Kaseya is at this time supporting to restore the programs of shoppers whose networks had been nonetheless locked down by REvil’s software, it said.
“I can affirm we have received a decryptor and are at the moment doing work to help the prospects impacted by the attack,” said Kaseya spokesperson Dana Liedholm. “We are not able to share the supply but can say it truly is from a trusted 3rd get together.”
Liedholm declined to reply even more concerns about irrespective of whether the decryptor essential had been reverse-engineered from the REvil malware.
Brett Callow, a risk analyst at the cybersecurity organization Emsisoft, mentioned his company had verified the effectiveness of the crucial at restoring victim knowledge.
“We are functioning with Kaseya to support their consumer engagement endeavours. We have confirmed the essential is successful at unlocking victims and will carry on to present help to Kaseya and its shoppers,” Callow told CNN.
Underscoring that issue, Drew Schmitt, principal threat intelligence analyst at GuidePoint Protection, reported that while he is not included with the situation at Kaseya, he is assured the important must get the job done.
“There are extremely constrained conditions where I have received a decryptor during a negotiation and located out it either won’t perform or observed some significant challenge with it,” Schmitt claimed. “The proportion of situations or incidents exactly where the decryptor just flat-out doesn’t get the job done is genuinely, actually very low and is nearer to zero than just about anything.”
It is continue to unclear how the attackers managed to attain obtain to Kaseya’s product.