On July 2, IT software provider Kaseya was crippled by an attack attributed to Russia-based hacking group REvil. The ransomware compromised the software and removed the clients’ administrator access. REvil demanded $70 million in Bitcoin to restore normal operations.
Last week, it announced it had received the decryptor key to undo the attack, which affected hundreds of businesses that use Kaseya software worldwide. But it declined to say how—beyond that it had come from a “trusted third party,” leading to speculation that it had paid the $70 million ransom.
Not so, said Kaseya on Monday. “We are confirming in no uncertain terms that Kaseya did not pay a ransom—either directly or indirectly through a third party—to obtain the decryptor,” it said in an update on its website.