Software company Kaseya on Monday stated that it did not pay any ransom to obtain the universal decryptor. The ransomware attack affected nearly 1,500 organizations earlier this month. While Kaseya did not reveal any details on how they attained the decryptor, they confirmed that they did not pay the ransom.
Kaseya decided after consultation with experts to not negotiate with the criminals who carried out this attack, the company wrote in a statement. “As such, we are confirming in no uncertain terms that Kaseya did not pay a ransom – either directly or indirectly through a third party – to obtain the decryptor.”
The software company was hit by a ransomware attack before American Independence Day. The attack was linked with the Russian REvil cybercriminal group. Websites on the dark web used by REvil went dark days after the attack on Kasey. REvil had then demanded $70 million in ransom, later lowering the demand to $50 million.
On Thursday, Kaseya reported it had obtained a universal decryption key that could be used by the organizations affected by the attack targeting its software.
Some cybersecurity experts have noted that REvil was known to have stability problems, so its disappearance could have been due to a technical issue. Others, however, have noted that law enforcement action might have been responsible.
