The suspected perpetrators behind last weekend’s massive hacking action demand a cash amount of $70 million (about 59 million euros) in bitcoin. For that amount, cyber criminals would release the data of the thousands of companies affected. The alleged perpetrators have made this known on their site Happy Blog on the dark web. Messages from the hacker group have also been published on that platform. “We will publicly post a key that will unlock all victims’ documents so that everyone can be recovered within an hour,” they write. It would be one of the largest cyber attacks of its kind ever.
Also read: Ransomware Attack Affects Over 1,000 Businesses
The Russian-affiliated hacker group REvil may be behind the cyber attack, which in May also disrupted the servers of the American meat processor JBS. The attack began on Friday, in which thousands of businesses were squatted. Organizations in the Netherlands have also become victims. Most of the affected companies are located in the United States. The total damage linked to the cyber attack is not yet entirely clear. In Sweden, supermarket chain Coop had to temporarily close the nearly 800 stores in the Scandinavian country – the hack had put the cash registers out of action.
The hackers distributed ransomware from the American software supplier Kaseya for remote IT management. The National Cyber Security Center (NCSC) in The Hague advised affected companies on Saturday to disable Kaseya’s VSA product. VSA is widely used by management parties in IT services to other companies, according to the NCSC. This allows them to maintain and manage customers remotely. By distributing the ransomware in this way, the attack gained wide reach and the number of affected companies quickly increased.
Also read: Biden, Putin and the diplomatic dance for the Russian hackers