Skip to Content

Ransomware group demands $70 million for Kaseya attack

By Alex Marquardt

The ransomware group REvil has demanded a $70 million payment in Bitcoin for a decryptor tool following its attack on the software vendor Kaseya, cyber researchers say.

The offer of a universal tool reflects the “logistical nightmare” REvil is now facing with thousands of potential victims to negotiate with, researcher Allan Liska at cybersecurity firm Recorded Future said.

“We know there are thousands of victims here. REvil [has] limited resources to handle negotiations and process keys,” Liska said, calling this the biggest non-nation state supply chain attack ever, and possibly the second biggest ransomware attack ever.

The full impact won’t be felt until Tuesday when people are back at work, experts say.

“Not everyone will have seen the alerts or had the urgency to check their own network/systems,” said Bryce Webster-Jacobsen, the head of intelligence at cybersecurity company GroupSense.

Kaseya said it would release new information Monday morning, but has yet to do so. In Sunday night’s update it reported that the attack “has been localized to a very small number of on-premises customers only.”

However, each customer, namely IT service providers, can have hundreds or thousands of clients themselves who are affected.

Asked whether he saw any change in REvil since its attack on JBS Foods, Liska said they’re “just more arrogant. If that is possible.”

The-CNN-Wire
™ & © 2021 Cable News Network, Inc., a WarnerMedia Company. All rights reserved.

Article Topic Follows: CNN - Business/Consumer

Jump to comments ↓

CNN Newsource

BE PART OF THE CONVERSATION

KTVZ NewsChannel 21 is committed to providing a forum for civil and constructive conversation.

Please keep your comments respectful and relevant. You can review our Community Guidelines by clicking here

If you would like to share a story idea, please submit it here.

Skip to content