Ransomware attacks on 1M computers, hackers demand USD 70M

07 July,2021 09:45 AM IST |  San Francisco  |  IANS

The hackers belonging to REvil, a Russian-speaking group, have compromised Kaseya VSA which is used by Managed Service Providers to perform IT tasks remotely, the media reported on Tuesday.

Photo for representational purpose. Picture Courtesy/iStock


Russian cybercriminals behind the Kaseya supply chain ransomware attack have demanded a record USD 70 million to decrypt nearly one million affected devices.

Ireland-based Kaseya provides IT solutions, including VSA, a unified remote-monitoring and management tool for handling networks and endpoints.

The hackers belonging to REvil, a Russian-speaking group, have compromised Kaseya VSA which is used by Managed Service Providers to perform IT tasks remotely, the media reported on Tuesday.

The Federal Bureau of Investigation (FBI) last month attributed the attack on major American meat producer, JBS USA. to REvil. JBS USA confirmed that it paid an equivalent of USD 11 million in ransom in response to the criminal hack against its operations.

Also read: Mumbai: Hacker plays porn videos during online class; FIR registered

The Russian government had denied any involvement in cyberattacks like the JBS hack, calling these allegations "groundless".

The same group has reportedly attacked IT firm Kaseya.

According to Kaseya, over 40,000 organisations worldwide use at least one Kaseya software solution. As a provider of technology to MSPs, which serve other companies, Kaseya is central to a wider software supply chain, reports ZDNet.

Kaseya CEO Fred Vocolla said in a statement over the last weekend that "only a very small percentage of our customers were affected -- currently estimated at fewer than 40 worldwide."

Sophos VP Ross McKerchar said in a statement that this is one of the "farthest reaching criminal ransomware attacks that Sophos has ever seen".

In a July 5 update, Kaseya said that a fix was being developed and would first be deployed to SaaS environments.

REVil has now demanded USD 70 million for a universal decryption tool to end the Kaseya attack.

"More than a million systems were infected. If anyone wants to negotiate about universal decryptor our price is USD 70 000 000USD in BTC and we will publish a publicly decryptor that decrypts files of all victims, so everyone will be able to recover from attack in less than one hour," claimed the hacker group.

The group is asking for USD 5 million for affected managed service providers and USD 44,999 for affected Kaseya customers, according to BleepingComputer.

This story has been sourced from a third party syndicated feed, agencies. Mid-day accepts no responsibility or liability for its dependability, trustworthiness, reliability and data of the text. Mid-day management/mid-day.com reserves the sole right to alter, delete or remove (without notice) the content in its absolute discretion for any reason whatsoever

"Exciting news! Mid-day is now on WhatsApp Channels Subscribe today by clicking the link and stay updated with the latest news!" Click here!
tech news
Related Stories