Cybercrime REvil gang asks for $70M to decrypt systems locked in Kaseya attack

REvil gang asks $70 million to decrypt systems locked in Kaseya attack

The REvil ransomware gang is asking for a $70 million ransom payment to publish a universal decryptor that can unlock all computers locked during the Kaseya incident that took place this past Friday, The Record has learned.

In a message posted on their dark web blog, the REvil gang officially took credit for the attack for the first time and claimed they locked more than one million systems during the Kaseya incident.

On Friday (02.07.2021) we launched an attack on MSP providers. More than a million systems were infected. If anyone wants to negotiate about universal decryptor – our price is 70 000 000$ in BTC and we will publish publicly decryptor that decrypts files of all victims, so everyone will be able to recover from attack in less than an hour. If you are interested in such deal – contact us using victims “readme” file instructions.

Image: The Record

If honored, the demand would become the highest ransomware payment ever made.

The Kaseya ransomware incident is believed to have impacted thousands of companies across the world.

The attack took place on Friday when the REvil gang (or one of its collaborators) is believed to have used an exploit in the Kaseya VSA server to gain access to VSA appliances used for managing remote computer fleets.

The attackers pivoted from these VSA appliances into corporate networks and installed their ransomware in one of the largest ransomware outbreaks in recent years.

Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.

from Hacker News https://ift.tt/3jMUwcr