Antivirus vendor Bitdefender has introduced a totally free universal decryption tool to aid victims of REvil ransomware, also known as Sodinokibi.
The new tool, which was produced accessible on Thursday, can restore quite a few documents impacted by the crypto-locking malware ahead of July 13, 2021. Having said that, the tool’s instructions involve the warning that “some variations” of REvil “are not nonetheless decryptable.”
REvil victims can download the resource and a action-by-action tutorial on how to use it via the Bitdefender website. The free decryptor is also from the No Extra Ransomware project, a community-non-public collaboration involving Europol, Dutch cybercrime law enforcement, and several non-public security firms.
Bitdefender claimed that the decryption software was produced in collaboration with “a trusted regulation enforcement partner” even though the investigation into REvil’s felony activities proceeds.
“Make sure you be aware this is an ongoing investigation and we cannot comment on information connected to this case right until approved by the direct investigating law enforcement spouse,” Bitdefender claimed in a statement released September 16.
“Both equally get-togethers believe it is important to launch the common decryptor ahead of the investigation is accomplished to aid as quite a few victims as doable.”
REvil first came on the cybercrime radar as a Ransomware-as-a-Provider (RaaS) operator in April 2019 and grew to grow to be a person of the most prolific ransomware gangs on the dark web.
Following productively extorting millions of pounds from countless numbers of technology providers, retailers, and managed services companies all over the earth, REvil’s website went down earlier this calendar year following a important supply-chain attack on IT software program supplier Kaseya.
“On July 13 of this calendar year, parts of REvil’s infrastructure went offline, leaving contaminated victims who had not paid out the ransom unable to recover their encrypted data,” stated Bitdefender.
“This decryption device will now offer you people victims the skill to just take back regulate of their info and belongings.”
Bitdefender and its unnamed regulation enforcement partner suspect that additional attacks from REvil could be about to arise.
“We believe new REvil attacks are imminent right after the ransomware gang’s servers and supporting infrastructure not long ago arrived again on-line right after a two-thirty day period hiatus,” explained Bitdefender. “We urge companies to be on higher inform and to choose important safety measures.”
Some components of this report are sourced from: