REvil ransomware group will hand over Kaseya attack decrypt key for $70 million

midian182

Posts: 7,081   +62
Staff member
What just happened? The Russia-based REvil hacker gang has revealed how much it wants for the decryption key that will unlock systems affected by its Kaseya supply-chain attack last week: $70 million in Bitcoin, a ransomware record.

To recap, an attack targeting Kaseya's VSA cloud-based system management platform, which is used for remote monitoring and IT management, took place last Friday. Cybersecurity firm Huntress Labs initially thought around 200 businesses were impacted, but it recently revised that figure to over 1,000.

As reported by Bleeping Computer, REvil claims that the campaign has reached more than a million devices. The group is willing to negotiate for a universal decryption key that will unlock all the encrypted files, but it comes with a very high starting price of $70 million in BTC. It had previously asked for $5 million from MSPs (managed service providers) for the tool and a $44,999 ransom from their customers.

Image courtesy of Bleeping Computer

That $70 million is a record for a ransomware attack, beating the previous $50 million REvil demanded from Acer earlier this year. It asked the same amount from Apple manufacturing partner Quanta but dropped those demands the day before it was supposed to be paid, for some reason.

On Saturday, President Joe Biden revealed he had instructed US intelligence agencies to investigate the attack. He said, "we're not certain" who is behind it. "The initial thinking was it was not the Russian government but we're not sure yet."

The president said the United States would respond if it does determine Russia is to blame for the incident.

To learn more about ransomware, check out our The Evolution of Ransomware: How Did We Get Here? feature

Masthead credit: Andrey_Popov

Permalink to story.

 

QuantumPhysics

Posts: 5,226   +5,927
My answer for my own computer:

#1 Most of my files are in clloud storage (games in STEAM, files in NAS, etc)

#2 I use an 8TB SSD for my computer but back it up to a large HDD.

#3 I keep my OS on a separate drive from my important files.

#4 In the event I get ransomed, I keep a clone SSD ready to go.

I truly hope that these hackers are found and executed. It's time to make examples.
 

wiyosaya

Posts: 6,393   +4,725
My answer for my own computer:

#1 Most of my files are in clloud storage (games in STEAM, files in NAS, etc)
Is cloud storage immune from ransomeware attacks? :imp:
#2 I use an 8TB SSD for my computer but back it up to a large HDD.
Backups are good.
#3 I keep my OS on a separate drive from my important files.
Pretty common practice these days. I bet those who write ransomeware have thought of this, too.
#4 In the event I get ransomed, I keep a clone SSD ready to go.
Backups are good.
I truly hope that these hackers are found and executed. It's time to make examples.
Not extreme?? I think life in prison without the possibility of parole would make just as good of an example. Perhaps you should move to Communist China since you seem to like it there anyway. You would probably get your wish along with other extreme punishments.
 

pcnthuziast

Posts: 1,152   +861
Joe will end up getting us in a war with Russia. Fitting since the Dems and the left want the death of America.
 

umbala

Posts: 402   +568
My answer for my own computer:

#1 Most of my files are in clloud storage (games in STEAM, files in NAS, etc)

#2 I use an 8TB SSD for my computer but back it up to a large HDD.

#3 I keep my OS on a separate drive from my important files.

#4 In the event I get ransomed, I keep a clone SSD ready to go.

I truly hope that these hackers are found and executed. It's time to make examples.
You never fail to post the most ridiculous replies. This attack affected businesses not your personal porn collection you have backed up in the cloud. If we started executing people for other people's stupidity I have a feeling you'd be dead long ago.
 

umbala

Posts: 402   +568
Joe will end up getting us in a war with Russia. Fitting since the Dems and the left want the death of America.
You sound like a Russian troll. By the way, the majority of America is liberal and they want the death of their own country? Yeah, that makes sense. I bet you miss the old days when Captain Orangina had his head up so far Putin's *** he could taste saliva.
 

Reehahs

Posts: 1,262   +929
$70 million demand is enough for a USB company to buy several missiles for live and precise delivery.

Wow. Extremist much? Death is a fairly harsh punishment for what amounts to stealing money jacking over someones computer..

It is all fun and games until it is critical infrastructure or a hospital that gets ransomware.
 

brucek

Posts: 863   +1,247
It is all fun and games until it is critical infrastructure or a hospital that gets ransomware.
Agree. I don't know about this specific attack, but there is a point where once you've hit enough hospitals, pipelines, sheriff's offices, etc. you are causing deaths and that's close enough to act of war for me. Give diplomacy a chance - ask to extradite - but if a host government refuses, there is a point where rendition, drones, or eventually war is not inappropriate. Which is scary, because if some of this is from state-sponsored actors I.e. North Korea, that war may not be a simple affair.

But I will start the blame at home. We should have passed a law making it illegal to pay these ransoms. Each one paid is financing the next round of more sophisticated software, targeted phishing, etc. etc.
 

AuerX

Posts: 9   +2
Corporations cheap out on security systems.
America goes to war.
Always about the $$$.
 

Reehahs

Posts: 1,262   +929
Agree. I don't know about this specific attack, but there is a point where once you've hit enough hospitals, pipelines, sheriff's offices, etc. you are causing deaths and that's close enough to act of war for me. Give diplomacy a chance - ask to extradite - but if a host government refuses, there is a point where rendition, drones, or eventually war is not inappropriate. Which is scary, because if some of this is from state-sponsored actors I.e. North Korea, that war may not be a simple affair.

But I will start the blame at home. We should have passed a law making it illegal to pay these ransoms. Each one paid is financing the next round of more sophisticated software, targeted phishing, etc. etc.

Definitely, including laws on proper backups and system security.

Do what they do, send in the little green men or do what Israel does to deal with tin-pot nuclear sites.
 

3volv3d

Posts: 401   +204
Now hear me out... Is it not possible that capitalism, greed, from the likes of Facebook, is to blame. selling all your data to dodgy companies, passing it around to everyone else.
Those little details of people maiden names and pets. Making it easy for those hackers, to figure out that Janice in accounting used her middle name or birthday of her dog, and oh they're in.
I blame covid, once lockdown fully ends, then these hackers will be back outside playing war with their neighboring areas.
And America can go back to arguing with it's divided self.
I wonder why Russia even bother. I mean are they just poking the bear for fun? They don't need to start a war, the US citizens do more harm to themselves than Russia could. Guns and diabetes.
What's more concerning is that the US let the UK drop off the unfunny untalented James Corden and seem to be OK with it. Maybe again cause hes a bit chunky, probably thought he was just American with a speech impediment.
He's yours now. No takey backsy.