One of the worst types of malicious software that computer users worldwide are plagued with is ransomware. This type of malware encrypts the contents of the user’s computer in an attempt to force the PC owner to pay a ransom to decrypt their hard drive. Anyone impacted by the REvil ransomware can decrypt their machine for free with a master decryptor program.
There are still some victims who never paid the attackers to decrypt their computers before the attackers behind REvil disappeared. The master decryptor allows the decryption of all files at no cost and was released by a cybersecurity firm called Bitdefender in collaboration with a law enforcement partner.
Bitdefender has declined to share any details on what law enforcement agency it worked with and how it came by the master decryption key for REvil. As for why Bitdefender won’t comment on the agency it is working with, it says the investigation is ongoing. The free decryption software will work for all victims who had their computers encrypted before July 13.
Bitdefender also notes that it believes new REvil ransomware attacks are imminent, as the servers and supporting infrastructure have recently come back online after being offline for two months. Security researchers are telling organizations they should be on high alert and begin to take precautions. REvil operated as a ransomware-as-a-service (RaaS) operation and is believed to be based in a Commonwealth of Independent States country.
It was first seen in 2019 and is a successor to the GandCrab ransomware. REvil is one of the most prolific ransomware strains seen on the dark web and targeted thousands of tech companies and retailers. It’s also notable because the group behind REvil was demanding exorbitant ransoms of up to $70 million for decryption keys and for promises that they wouldn’t release data stolen during their attacks. Anyone impacted by REvil can download the decryptor tool here.