Hacker group REvil demands US$70m in Bitcoin to end biggest-ever ransomware assault
Coinhead
A notorious hacker group known as REvil – “Ransomware Evil” – has used an exploit to encrypt thousands of enterprise systems worldwide and is demanding US$70 million ($92 million) in Bitcoin to release the data.
REvil has named its price. $70,000,000 USD in Bitcoin.
Attached image is directly from REvil's website: pic.twitter.com/1kOxaKxraS
— vx-underground (@vxunderground) July 5, 2021
The hackers exploited a vulnerability in a remote monitoring and management platform called Kaseya VSA to distribute their malware around the world over the weekend.
The Australian Cyber Security Centre said it “has received reporting of this incident impacting Australian organisations and are working with victims to assist and to better understand the extent of impact”.
CRN Australia reported that at least five Australian managed service providers (remote IT managers) had been affected by the exploit. One had at least 300 end-customers infected with the ransomware.
The hackers were demanding US$5 million in the privacy coin Monero from those managed service providers, US$45,000 in Monero from individual businesses or US$70 million in Bitcoin for a “universal decryptor”.
It’s much harder to get Monero from US exchanges. REvil commonly enables Bitcoin at request. I would not read too much into that.
Sadly, people are paying.
— Lawrence Abrams (@LawrenceAbrams) July 5, 2021
The hackers claim that 1 million machines have been infected, which would make it the biggest ever ransomware attack.
In Sweden, more than 800 Coop grocery stores were closed because the chain could not operate its cash registers. State railway services and a pharmacy chain were also disrupted there.