Hackers behind company cyberattacks demanding $70 million for data | Inquirer
 
 
 
 
 
 

Hackers behind company cyberattacks demanding $70 million for data

/ 05:59 AM July 05, 2021

Hackers suspected to be behind a mass extortion attack that affected hundreds of companies worldwide late on Sunday demanded $70 million to restore the data they are holding ransom, according to a posting on a dark web site.

The demand was posted on a blog typically used by the REvil cybercrime gang, a Russia-linked group that is counted among the cybercriminal world’s most prolific extortionists.

The gang has an affiliate structure, occasionally making it difficult to determine who speaks on the hackers’ behalf, but Allan Liska of cybersecurity firm Recorded Future said the message “almost certainly” came from REvil’s core leadership.

The group has not responded to an attempt by Reuters to reach it for comment.

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

REvil’s ransomware attack, which the group executed on Friday, was among the most dramatic in a series of increasingly attention-grabbing hacks.

Hackers behind company cyberattacks demanding $70 million for data

The hackers behind a mass extortion attack that has targeted hundreds of companies worldwide have demanded $70 million to restore the data they are holding ransom. Julian Satterthwaite reports.

The gang broke into Kaseya, a Miami-based information technology firm, and used their access to breach some of its clients’ clients, setting off a chain reaction that quickly paralyzed the computers of hundreds of firms worldwide.

An executive at Kaseya said the company was aware of the ransom demand but did not immediately return further messages seeking comment.

ADVERTISEMENT

About a dozen different countries were affected, according to research published by cybersecurity firm ESET.

In at least one case, the disruption spilled out into the public domain when Swedish Coop grocery store chain had to close hundreds of stores on Saturday because its cash registers had been knocked offline as a consequence of the attack..

Earlier on Sunday, the White House said it was reaching out to victims of the outbreak “to provide assistance based upon an assessment of national risk.”

ADVERTISEMENT

The impact of the intrusion is still coming into focus.

Those hit included schools, small public-sector bodies, travel and leisure organizations, credit unions and accountants, said Ross McKerchar, chief information security officer at Sophos Group Plc.

McKerchar’s company was one of several that had blamed REvil for the attack, but Sunday’s statement was the group’s first public acknowledgement that it was behind the campaign.

Ransom-seeking hackers have tended to favor more focused shakedowns against single, high-value targets like Brazilian meatpacker JBS, whose production was disrupted last month when REvil attacked its systems. JBS said it ended up paying the hackers $11 million.

Liska said he believed the hackers had bitten off more than they could chew by scrambling the data of hundreds of companies at a time and that the $70 million demand was an effort to make the best of an awkward situation.

“For all of their big talk on their blog, I think this got way out of hand,” he said.

(Reporting by Raphael Satter; Editing by Kim Coghill, Robert Birsel)

Want stories like this delivered straight to your inbox? Stay informed. Stay ahead. Subscribe to InqMORNING

Don't miss out on the latest news and information.
TAGS: cyber crime, cyberattacks, Hackers
For feedback, complaints, or inquiries, contact us.
Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our newsletter!

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.




This is an information message

We use cookies to enhance your experience. By continuing, you agree to our use of cookies. Learn more here.