The hackers responsible for this weekend’s cyberattack against Kaseya, and that affected more than 1,500 companies around the world, demanded this Tuesday the sum of $ 70 million in bitcoins to allow these corporations to resume operations.
The REvil group, of Russian origin and whom the experts point to as responsible, published this petition on a site associated with what is known as the Dark Web (Dark Internet), according to US media.
The pirates request the payment in bitcoins, and assure that if they receive the money they will make known the computer code required to reopen access to clients’ files.
The attack occurred this Saturday through Kaseya, a software company based in Miami (Florida), which provides services to more than 40,000 organizations around the world.
The Russian group REvil is the one pointed out by the investigators as responsible for the cyberattack on Kaseya. Photo: Shutterstock
By all indications, the hackers launched a “zero-day” attack, a term used when a vulnerability has a Time’s window between when a threat is posted and a solution is launched.
In these cases, criminals infiltrate a computer system and sow malware (computer virus) that renders it unusable, waiting for victims pay extortion lawsuits to thus obtain a decoder key.
Kaseya confirmed that its systems management platform, called the VSA, suffered a “sophisticated” cyber attack, but estimated that it affected a “very small number” of users.
In an update on his website this Monday he placed the number of companies affected in 1,500. In turn, cybersecurity experts identified that the attack impacted at least 17 countries.
The Swedish supermarket chain Coop was another of the indirect victims of the attack. The company could not use its network of cash registers since Friday since the company with which it has subcontracted the computer service, Visma Esscom, which was also implicated in the event.
The FBI is on the Russian trail
Experts and federal authorities recognized that the cyberattack was carried out deliberately at the start of the holiday week related to July 4, since during these days the US offices were understaffed due to the celebration of the Day. of the independence.
Kaseya provides IT services to some 40,000 companies around the world. Photo: REUTERS.
“Although the scale of this incident may make we cannot respond to each victim individually, all the information we receive will be useful to counteract this threat, “the FBI detailed in a statement.
The agency encouraged those affected to report if they were the target of the attack with ransomware (a program that hijacks user data in exchange for a payment to release it) and to follow the recommendations of the affected firm.
Kaseya’s cyberattack came after those suffered in recent months in the US such as the one on Colonial, the largest pipeline network in the United States, and JBS, the world’s largest meat processor, who were victims of similar operations by hackers.
With information from EFE.