Kaseya, an American company that develops software for managing computer networks, was targeted by a ransomware gang on Friday.
The group claiming responsibility, a notorious Russian-speaking cybercriminal entity known as REvil, was able to lock the networks of hundreds of Kaseya’s customers by targeting the company’s widely-used software.
Kaseya CEO Fred Voccola first announced on Friday that a suspected attack had taken place. Just two days later on July 4, Voccola asserted that the company had been the “victim of a sophisticated cyberattack.”
REvil is believed to have relied on what are known as “zero-days,” vulnerabilities that have no known patch, to infiltrate Kaseya. Once the ransomware was deployed, countless victims were locked out of their own systems. REvil then informed the victims that their systems would be returned once a ransom was paid.
Although Kaseya has argued that less than 60 of its clients were affected, many of the customers of those clients were infected as well. The company later stated that it believed as many as 1,500 downstream businesses had been hit with the ransomware in what is referred to as a “supply-chain attack.”
REvil has claimed on its dark web blog, however, that it was able to infect at least 1 million systems as part of the attack. Individual victims have been told that they need to pay anywhere from $44,999 to $5 million to have their systems unlocked. REvil has also offered to unlock every system in exchange for a lump sum of $70 million.
The attack led President Joe Biden on Saturday to direct federal agencies to investigate. The incident comes just weeks after REvil took credit for the ransomware attack against meat supplier JBS, which ultimately paid the cybercrime gang $11 million.
This week’s top technology stories
|This pro-lockdown ‘bot campaign’ on Twitter may have just been trolling|
|Trump-aligned Michigan attorney raises big bucks to fight ‘election fraud’|
|How the Italian far-right is trying to break Twitter|
|Cops are getting free electric lassos for handing over body camera footage|
|Citizen app is faking local residents in Los Angeles|
|How South Carolina became a troubling new hub for QAnon|
|Sign up to receive the Daily Dot’s Internet Insider newsletter for urgent news from the frontline of online.|