Free decryptor for past REvil ransomware victims released

Well here’s some good news.

The experts at security firm Bitdefender have made available a universal decryptor for victims of the REvil ransomware (also sometimes known as Sodinokibi).

The tool offers help to anyone whose systems were hit by the ransomware in attacks made before July 13 2021, and was developed by the team at Bitdefender in collaboration with “a trusted law enforcement partner.”

Sign up to our newsletter
Security news, advice, and tips.

As you may recall, the REvil ransomware-as-a-service criminal operation was to blame for the massive supply-chain attack that hit Kaseya in early July, which impacted some 1500 organisations around the world.

Other past victims of REvil have included JBS, the world’s biggest meat supplier, who ended up paying a $11 million ransom to its attackers.

REvil appeared to go offline in mid-July, but its infrastructure has come back online in recent days – raising concerns that it may be about to launch new attacks.

For more information, instructions, and to download the decryption tool, visit the Bitdefender website.

Meanwhile, law enforcement investigations into the REvil ransomware group continue…

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, on Mastodon at @[email protected], or drop him an email.