WASHINGTON, July 5 (Reuters) – The hackers suspected to be behind a mass ransomware assault that affected a whole lot of firms worldwide late on Sunday demanded $70 million to revive the info, in accordance with a posting on a darkish website online.
The demand was posted on a web site sometimes utilized by the REvil cybercrime gang, a Russia-linked group that’s counted among the many cybercriminal world’s most prolific extortionists.
The gang has an affiliate construction, sometimes making it troublesome to find out who speaks on the hackers’ behalf, however Allan Liska of cybersecurity agency Recorded Future mentioned the message “virtually definitely” got here from REvil’s core management.
The group has not responded to an try by Reuters to succeed in it for remark.
REvil’s ransomware assault, which the group executed on Friday, was among the many most dramatic in a collection of more and more attention-grabbing hacks.
The gang broke into Kaseya, a Miami-based info know-how agency, and used their entry to breach a few of its shoppers’ shoppers, setting off a sequence response that shortly paralyzed the computer systems of a whole lot of corporations worldwide.
Cybersecurity consultants swiftly blamed REvil for the assault. Sunday’s assertion was the group’s first public acknowledgement that it was behind it.
An govt at Kaseya mentioned the corporate was conscious of the ransom demand however didn’t instantly return additional messages searching for remark.
Liska mentioned he believed the hackers had bitten off greater than they might chew.
“For all of their huge discuss on their weblog, I feel this bought manner out of hand and is rather a lot larger than they anticipated,” he mentioned.
Reporting by Raphael Satter; Enhancing by Kim Coghill, Robert Birsel
Our Requirements: The Thomson Reuters Trust Principles.