What just happened? Russia-based hacker gang REvil has revealed how much it wants for the decryption key that will unlock systems affected by its attack on Kaseya’s supply chain last week: $ 70 million in Bitcoin, a ransomware record.
In summary, an attack on Kaseya’s VSA cloud-based systems management platform, which is used for remote monitoring and IT management, took place last Friday. Cybersecurity firm Huntress Laboratories It was initially thought that around 200 companies were affected, but recently it revised that number to more than 1,000.
As reported by Computer ringing, REvil claims that the campaign has reached more than one million devices. The group is willing to negotiate a universal decryption key that will unlock all encrypted files, but it comes at a very high starting price of $ 70 million in BTC. Previously, it had requested $ 5 million from MSPs (Managed Service Providers) for the tool and a $ 44,999 ransom from its clients.
Image courtesy of Computer ringing
That $ 70 million is a record for a ransomware attack, surpassing the $ 50 million REvil demanded from Acer earlier this year. He asked for the same amount from Apple’s manufacturing partner, Quanta, but dropped those demands the day before it was supposed to be paid, for some reason.
On Saturday, President Joe Biden revealed that he had instructed US intelligence agencies to investigate the attack. He said, “we are not sure” who is behind it. “The initial idea was that it was not the Russian government, but we are not sure yet.”
The president said the United States would respond if it determines that Russia is to blame for the incident.
To learn more about ransomware, see our article The Evolution of Ransomware: How did we get here? characteristic
Header Credit: Andrey_Popov