A laptop with pirate flag.

Unsplash (CC-BY)

Ransomware gang demands $70 million after attack on major software supplier

The supply-chain attack is believed to have affected as many as 1,500 businesses.

 

Mikael Thalen

Tech

Posted on Jul 6, 2021   Updated on Aug 4, 2021, 3:52 pm CDT

Kaseya, an American company that develops software for managing computer networks, was targeted by a ransomware gang on Friday.

The group claiming responsibility, a notorious Russian-speaking cybercriminal entity known as REvil, was able to lock the networks of hundreds of Kaseya’s customers by targeting the company’s widely-used software.

Kaseya CEO Fred Voccola first announced on Friday that a suspected attack had taken place. Just two days later on July 4, Voccola asserted that the company had been the “victim of a sophisticated cyberattack.” 

REvil is believed to have relied on what are known as “zero-days,” vulnerabilities that have no known patch, to infiltrate Kaseya. Once the ransomware was deployed, countless victims were locked out of their own systems. REvil then informed the victims that their systems would be returned once a ransom was paid.

Although Kaseya has argued that less than 60 of its clients were affected, many of the customers of those clients were infected as well. The company later stated that it believed as many as 1,500 downstream businesses had been hit with the ransomware in what is referred to as a “supply-chain attack.”

REvil has claimed on its dark web blog, however, that it was able to infect at least 1 million systems as part of the attack. Individual victims have been told that they need to pay anywhere from $44,999 to $5 million to have their systems unlocked. REvil has also offered to unlock every system in exchange for a lump sum of $70 million.

The attack led President Joe Biden on Saturday to direct federal agencies to investigate. The incident comes just weeks after REvil took credit for the ransomware attack against meat supplier JBS, which ultimately paid the cybercrime gang $11 million.


Read more of the Daily Dot’s tech and politics coverage

Nevada’s GOP secretary of state candidate follows QAnon, neo-Nazi accounts on Gab, Telegram
Court filing in Bored Apes lawsuit revives claims founders built NFT empire on Nazi ideology
EXCLUSIVE: ‘Say hi to the Donald for us’: Florida police briefed armed right-wing group before they went to Jan. 6 protest
Inside the Proud Boys’ ties to ghost gun sales
‘Judas’: Gab users are furious its founder handed over data to the FBI without a subpoena
EXCLUSIVE: Anti-vax dating site that let people advertise ‘mRNA FREE’ semen left all its user data exposed
Sign up to receive the Daily Dot’s Internet Insider newsletter for urgent news from the frontline of online.
Share this article
*First Published: Jul 6, 2021, 12:01 pm CDT