According to a posting on a dark website, hackers suspected of being behind a mass extortion attack that has affected hundreds of companies worldwide demanded $70 million late on Sunday to restore the data they are holding for ransom. The demand was made on a blog commonly used by the REvil cybercrime gang, a Russia-linked group that is one of the most prolific extortionists in the cybercriminal world.
The gang’s affiliate structure makes it difficult to determine who speaks on behalf of the hackers, but cybersecurity firm Recorded Future’s Allan Liska said that the message ‘almost certainly’ came from REvil’s core leadership.
On Saturday, one of the largest ransomware attacks in history spread across the globe, forcing the Swedish Coop grocery store chain to close all of its 800 stores because its cash registers were inoperative. The major food retailer was shut down following an unusually sophisticated attack on US tech provider Kaseya on Friday. REvil, a ransomware gang, is suspected of stealing Kaseya’s desktop management tool VSA and distributing a malicious update that infects tech management providers serving tens of thousands of businesses.
Thousands of small businesses may have been affected, according to Huntress Labs, which was one of the first to raise the alarm about the wave of infections at the providers’ clients. Miami-based Kaseya stated that it was cooperating with the FBI and that only about 40 of its customers had been directly affected. It did not say how many of those were service providers who then spread the malware to others.