The REvil ransomware gang, also known as Sodinokibi, is publicly demanding $70 million to restore the data it's holding ransom after their data-scrambling software affected hundreds of small and medium businesses across a dozen countries - including schools in New Zealand and supermarkets in Sweden.

But in a conversation with Jack Cable of the cybersecurity-focused Krebs Stamos Group, one of the gang's affiliates said he could sell a "universal decryptor" for all the victims for $50 million.

Cable told Reuters he managed to get through to the hackers after obtaining a cryptographic key needed to log on to the group's payment portal.

WASHINGTON, July 5 (Reuters) - The hackers who have claimed responsibility for an international ransomware outbreak have lowered their asking price in a private conversation with a cybersecurity expert, something he said may be a sign the group was having trouble monetizing their massive breach.

While there is no link between REvil and the Russian government, senior US and Russian officials will meet next week to discuss the attack.

This led Cable to believe that REvil is purely financially motivated and has no political interests. When Cable reached out to REvil in order to discuss paying the ransom, they reportedly decreased their initial demands by $20 million. As of Tuesday 6 July, following contact by a security architect at cybersecurity consulting firm Krebs Stamos Group, Jack Cable, the group have reduced their ransom demand from Kaseya to $50 million.

The group had also hacked Taiwanese computer giant Acer in March, demanding $50 million in ransom. The hackers extorted $11 million from JBS, who managed to resume services afterwards. In June, they were believed to be behind the attack on JBS, the largest meat supplier in the world, which led to some of the JBS operations in North America and Australia being shut down.

REvil, derived from “Ransomware” and “Evil”, has previously been linked to a number of such instances. The group of hackers has been dubbed REvil or Sodinokibi by experts and is believed to be Russia-based. However, in a large number of similar cases, the victims do not generally publicly divulge that they were the target of such an attack, or whether they have paid the ransom. A Swedish grocery chain, a New Zealand school, a German IT company and two Dutch companies are a few of the known victims.

The extent of damages is yet to be known, but the estimated number of businesses affected ranges from 1000-2000, spanning at least 17 countries. Taking advantage of the lightly staffed company due to Fourth of July celebrations in the United States, the hackers bypassed the company’s security, exploiting a zero-day vulnerability. Kaseya sells its software to thousands of IT and Managed Service Providers (MSPs), who in turn, serve a number of clients. On 4 July, they demanded, through the dark web, $70 million in cryptocurrency in exchange for the return of the stolen data.

Miami-based information technology firm Kaseya was the target of “the largest ever ransomware attack” last weekend, when hackers exploited a bug in the IT Management software of the firm in order to steal a large amount of data on a number of clients using the Kaseya software.