06 July 21, 16:45
Quote:The REvil cybergang is taking credit for Friday’s massive ransomware attack against managed service provider Kaseya Ltd. The criminals behind the attack claim it infected 1 million systems tied to Kaseya services and are demanding $70 million in bitcoin in exchange for a decryption key. Federal authorities put the number of affected companies in the thousands.
The attack is considered the single biggest global ransomware attack on record. Affected are financial services, travel and leisure and public sector computer systems located across 17 countries. Swedish grocer Coop, it is reported, was forced to close 800 of its stores for more than two days because its cash register software supplier was impacted by the attack.
In related developments, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) in the U.S. offered assistance to those effected by the sweeping attack.
The Kaseya attack is believed to have impacted as many as 1,500 firms when attackers targeted multiple managed service providers (MSPs), which manage the networks of other firms.
On Sunday, the prolific cybergang known as REvil posted a message to a hacker forum taking credit for the attack. The message stated:
“On Friday (02.07.2021) we launched an attack on MSP providers. More than a million systems were infected. If anyone wants to negotiate about universal decryptor – our price is 70 000 000$ in BTC and we will publish publicly decryptor that decrypts files of all victims, so everyone will be able to recover from attack in less than an hour. If you are interested in such deal – contact us using victims ‘readme’ file instructions. – REvil.”
Read more: Kaseya Attack Fallout: CISA, FBI Offer Guidance | Threatpost