A notorious hacker group known as REvil – “Ransomware Evil” – has used an exploit to encrypt thousands of enterprise systems worldwide and is demanding US$70 million ($92 million) in Bitcoin to release the data.

The hackers exploited a vulnerability in a remote monitoring and management platform called Kaseya VSA to distribute their malware around the world over the weekend.

The Australian Cyber Security Centre said it “has received reporting of this incident impacting Australian organisations and are working with victims to assist and to better understand the extent of impact”.

CRN Australia reported that at least five Australian managed service providers (remote IT managers) had been affected by the exploit. One had at least 300 end-customers infected with the ransomware.

The hackers were demanding US$5 million in the privacy coin Monero from those managed service providers, US$45,000 in Monero from individual businesses or US$70 million in Bitcoin for a “universal decryptor”.

The hackers claim that 1 million machines have been infected, which would make it the biggest ever ransomware attack.

In Sweden, more than 800 Swedish Coop grocery stores were closed because it could not operate its cash registers. State railway services and a pharmacy chain was also disrupted there.