Free decryptor for past REvil ransomware victims released

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Free decryptor for past REvil ransomware victims released

Well here’s some good news.

The experts at security firm Bitdefender have made available a universal decryptor for victims of the REvil ransomware (also sometimes known as Sodinokibi).

The tool offers help to anyone whose systems were hit by the ransomware in attacks made before July 13 2021, and was developed by the team at Bitdefender in collaboration with “a trusted law enforcement partner.”

Sign up to our free newsletter.
Security news, advice, and tips.

As you may recall, the REvil ransomware-as-a-service criminal operation was to blame for the massive supply-chain attack that hit Kaseya in early July, which impacted some 1500 organisations around the world.

Other past victims of REvil have included JBS, the world’s biggest meat supplier, who ended up paying a $11 million ransom to its attackers.

REvil appeared to go offline in mid-July, but its infrastructure has come back online in recent days – raising concerns that it may be about to launch new attacks.

For more information, instructions, and to download the decryption tool, visit the Bitdefender website.

Meanwhile, law enforcement investigations into the REvil ransomware group continue…


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.