Ransomware victims panicked while FBI secretly held REvil decryption key

by Tim De Chant, from Ars Technica
The seal of the Federal Bureau of Investigation (FBI) is seen at the J. Edgar Hoover building in Washington, D.C. (credit: Andrew Harrer/Bloomberg)

For three weeks during the REvil ransomware attack this summer, the FBI secretly withheld the key that would have decrypted data and computers on up to 1,500 networks, including those run by hospitals, schools, and businesses.

The FBI had penetrated the REvil gang's servers to obtain the key, but after discussing it with other agencies, the bureau decided to wait before sending it to victims for fear of tipping off the criminals, The Washington Post reports. The bureau had hoped to take down the gang's operations, sources told the Post.

Instead, REvil went dark on July 13 before the FBI could step in. For reasons that haven't been explained, the FBI didn't cough up the key until July 21.
