Sunday’s ransomware attack on US-based managed service providers shows Revil’s ferociousness in taking advantage of US companies following its recent spree of ransomware attacks on US companies.
REvil, a Russian-based hacker group, has been known to use ransomware attacks in exchange for Bitcoin (BTC).
In May, the hacker group hacked into Colonial Pipeline’s system and demanded $5 million in Bitcoin, which the company had to pay to be allowed back to its systems, although the US Federal Authorities later recovered $2.3 million (63.7 BTC) of the money.
And as if it was not satisfied by the money it milked from Colonial Pipeline Company, the group hit again towards the end of May, and this time it was JBS Holdings, the world’s largest meat company by sales. JBS Holdings had to pay $11 million to be allowed to use its systems.
Yesterday, Sunday of June 4, Australia’s ABC News reported that the group has once again hit, and this time it has hacked into the cloud service of Kaseya, a software supplier, and used the company’s network management package to spread the ransomware to about 200 US-based managed service providers.
There are reports that over 1 million machines have been affected, and the group is demanding $70 million to be paid in Bitcoin for a decrypter of the ransomware.