Hacking Group REvil Hits Hundreds Of US Firms With Ransomware

Ransomware attacks have been among the most popular ways for hackers to obtain money from companies, individuals, and all kinds of institutions around the world. Over the last several years, the world has seen some of the biggest ransomware attacks in history.

Now, another massive attack has taken place, with the hacking group known as REvil allegedly infecting over a million computers with ransomware. The group allegedly conducted the attack by using a network management package provided by Kaseya, a global remote software supplier.

With the computers of over 200 different US companies infected, REvil is demanding a ransom of $70 million in Bitcoin in order to provide the affected companies with a decryption key. Otherwise, none of these firms will be able to break the encryption and access their files.

What is Known About the Attack?

REvil announced its attack on a dark web website called Happy Blog. It revealed that it had infected over a million machines across the globe, promising that it would unlock all of them if the ransom of $70 million in BTC was paid. However, it wasn’t long before it started negotiating individual ransoms, offering to change the amount to $5 million.

The blog post published by the group says that, if the total amount is paid, the group would publicly release a decryptor that works for all victims. It further noted that companies could make a full recovery in under an hour with the decryptor in their possession.

Given the size of the attack, this seems to be the largest ransomware attack on IT systems in history. The US authorities have already reacted to the incident, with the US President, Joe Biden, requesting that the FBI investigate matters. Furthermore, Biden also issued a warning to Russia, threatening ‘dire consequences’ should the investigation find that the country was in any way involved.

The attack itself appears to have happened on July 4th, the US’ national holiday. This may have been a coincidence, or a part of the hackers’ plan, given that the holiday weekend meant that there would be fewer people on duty to respond to the attack as soon as they noticed that something was wrong.

The list of companies that were affected is rather long, and it even includes IT systems in countries like the Netherlands and Sweden. However, it should also be pointed out that only a handful of Kaseya’s customers were directly affected. Even so, the attack has had quite devastating consequences, bringing down numerous IT systems in as many as 17 different countries.

Huntress Labs’ senior security researcher, John Hammond, commented on the incident by saying that REvil attacked managed service providers with more than 1,000 endpoints by using Kaseya’s technology. According to him, the attack can only be described as ‘colossal and devastating,’ as the attack’s effects immediately spread to all of the providers’ customers, as soon as the providers themselves were affected.

REvil Steps Up its Activity in 2021

Many may also remember REvil from its recent attack on Colonial Pipeline earlier this year, in May. The group demanded a $5 million ransom to withdraw. Almost immediately after Colonial Pipeline, the group also hit JBS Holdings, which paid as much as $11 million to get the group to release the seized systems.

Despite the fact that Bitcoin transactions can typically be traced, the group took precautions to make it impossible to identify who they are. They used crypto mixers to hide the transaction and mix the coins they received through ransoms with other existing cryptos. After that, the coins were likely sent to a number of different addresses in order to make it even more difficult to track them down and identify the attackers.
