Ransomware victims panicked while FBI secretly held REvil decryption key

Circular seal against a marble wall.

Enlarge / The seal of the Federal Bureau of Investigation (FBI) is seen at the J. Edgar Hoover building in Washington, D.C. (credit: Andrew Harrer/Bloomberg)

For three weeks during the REvil ransomeware attack this summer, the FBI secretly withheld the key that would have decrypted data and computers on up to 1,500 networks, including those run by hospitals, schools, and businesses.

The FBI had penetrated the REvil gang’s servers to obtain the key, but after discussing it with other agencies, the bureau decided to wait before sending it to victims for fear of tipping off the criminals, The Washington Post reports. The FBI hadn’t want to tip off the REvil gang and had hoped to take down their operations, sources told the Post.

Instead, REvil went dark on July 13 before the FBI could step in. For reasons that haven’t been explained, the FBI didn’t cough up the key until July 21.

Read 6 remaining paragraphs | Comments



https://ift.tt/3Cygiqv

Comments