Romanian cybersecurity firm Bitdefender has released a free universal decryptor for victims of REvil/Sodinokibi ransomware. According to the researchers, the decryptor was developed in collaboration with “a trusted law enforcement partner”.
While Bitdefender did not say how it obtained the master decryption key or which law enforcement agency was involved, the firm said that the tool works for all REvil victims whose files were encrypted in attacks prior to July 13, 2021.
This is the date when REvil shut down its infrastructure after the group found itself at the center of attention of international law enforcement and the US authorities following a massive ransomware attack on Kaseya servers that took place in early July.
However, after several months of inactivity, the servers of the REvil ransomware gang came back online. According to the group’s new representative, who goes by ‘REvil’ online, the gang went on break after REvil’s previous representative, known as ‘Unknown’, disappeared, prompting concerns that he had been arrested and the servers compromised.