
Systems management service provider Kaseya has announced that it has been subjected to a ransomware cyberattack by the Russian hacker group REvil. Since Kaseya manages more than 1,000 companies around the world, considerable damage is expected, and US intelligence agencies, including the FBI, have launched an investigation. The hacking group Reville is making a statement on the Dark Web that it will demand a $70 million Bitcoin ransom and in return it will release a universal decryption function that can decrypt data.
At the time of the attack on Kaseya, it had been expected that it was the crime of Reville. Revil is a cybercriminal group that launched a ransomware attack against a large corporation called Sodinokibi. Recently, JBS, the world’s largest meat processor, was attacked and paid a ransom of $11 million to contain data breaches.
Reville goes through the process of sending a file (readme.txt) to the victim company to negotiate a password that, upon payment, all compromised companies can recover their data for an hour or so. Kaseya said it is investigating the matter and believes the FBI will somehow resolve it.
The victim of this attack was VSA, a Kaseya remote monitoring and management service. VSA is software that remotely monitors PCs, servers, printers, networks, and POS systems. Customer data is also exposed to a chain crisis because MSA, a customer management service provider who uses it, is included. Currently, Kaseya is appealing to customers to keep the VSA offline until contacted by Kaseya.
If Kaseya accepts the deal, it would pay Reville a ransom of $70 million, which would be the largest ransom ever. Related information can be found here.
Add comment