Bitdefender announced the availability of a universal decryptor for REvil/Sodinokibi. Created in collaboration with a trusted law enforcement partner, this tool helps victims encrypted by REvil ransomware to restore their files and recover from attacks made before July 13, 2021.
On July 13 of this year, parts of REvil’s infrastructure went offline, leaving infected victims who had not paid the ransom unable to recover their encrypted data. This decryption tool will now offer those victims the ability to take back control of their data and assets.
Who is REvil/Sodinokibi?
REvil is a Ransomware-as-a-Service (RaaS) operator likely based in a Commonwealth of Independent States (CIS) country. It emerged in 2019 as a successor of the now-defunct GandCrab ransomware and is one of the most prolific ransomware on the dark web as affiliates have targeted thousands of technology companies, managed service providers and retailers around the world.
After successfully encrypting a business’ data, REvil affiliates demand large ransoms up to US $70 million in exchange for a decryption key and the assurance they will not publish the internal data exfiltrated during the attack.
Ransomware continues to gain popularity throughout 2021 and remains a favored attack threatening organizations of all sizes in all industries.
Download the REvil Decryption Tool
Victims of REvil ransomware can download the new decryption tool for free to recover their data.
A step-by-step tutorial on how to use the REvil decryption tool is available here.