Ransomware victims panicked while FBI secretly held REvil decryption key



The seal of the Federal Bureau of Investigation (FBI) is seen at the J. Edgar Hoover building in Washington, D.C. (credit: Andrew Harrer/Bloomberg)

For three weeks during the REvil ransomware attack this summer, the FBI secretly withheld the key that would have decrypted data and computers on up to 1,500 networks, including those run by hospitals, schools, and businesses.

The FBI had penetrated the REvil gang’s servers to obtain the key, but after discussing it with other agencies, the bureau decided to wait before sending it to victims for fear of tipping off the criminals, The Washington Post reports. The bureau had hoped to take down the gang’s operations, sources told the Post.

Instead, REvil went dark on July 13 before the FBI could step in. For reasons that haven’t been explained, the FBI didn’t cough up the key until July 21.


Up to 1,500 companies were ensnared in the July attacks.
