The REvil hacker group demanded $ 70 million in Bitcoin in exchange for the decryption key used to prevent more than 200 companies from accessing critical files and information.
The group’s latest ransomware campaign took place on July 2 when an IT management solutions provider called Kaseya mentionned he was investigating an attack on his VSA software remote monitoring and management tool. The company estimated that 40 of its customers were affected, but many of these companies had their own customers.
A security company called Huntress Labs initially estimated that at least 200 companies were affected by the ransomware campaign. At the time of writing, the company has increased this estimate to say that there could be over 1,000 affected organizations globally, making it one of the biggest ransomware campaigns to date.
BipComputer reported that REvil claims its campaign has reached over a million devices. The good news? The group also claimed that all of these devices “will be able to recover from an attack in less than an hour” because their files were encrypted using the same key. The bad news is they want $ 70 million for this key.
That’s a record ransom, BleepingComputer said, beating the $ 50 million REvil previously demanded from Acer. The group also asked Quanta Computer for $ 50 million in exchange for stolen files related to upcoming Apple products in April, but it mysteriously dropped that request a day before it was supposed to be paid.
President Joe Biden mentionned during Independence Weekend he ordered an investigation into this ransomware campaign to determine if the Russian government was involved. Kaseya said she has been in contact with the FBI, the Cybersecurity and Infrastructure Security Agency and other federal agencies.
