The Kaseya incident: Hackers behind the Kaseya attack now demanding $70 million
On Friday last week, a massive ransomware attack hit several managed service providers (MSPs). Consequently, more than a million systems were infected. The hackers behind the Kaseya attack are now demanding $70 million.
Hackers behind the Kaseya attack might be from Russia, the well-known breeding ground for hackers
It is no longer a secret that Russia is one of the major centres for malware attacks in the world. Spanning Eastern Europe and Northern Asia, Russia is famous for several reasons. But one major reason is that it's home to some of the smartest brains, who are all the more dangerous behind a computer keyboard.
In recent years, Russian hackers have been linked to several malware attacks, especially in the U.S. And if you thought those allegations were false, the REvil group of hackers is here to prove otherwise.
The Kaseya incident
The Russian-linked ransomware gang recently conducted a massive malware attack that affected more than one million systems. They are now back, demanding a $70 million Bitcoin payment as ransom. In return for this amount, they will create a decryptor that will unlock all the systems affected during the attack.
In a message posted on their official website, the gang took credit for the attack for the first time. Furthermore, they claimed that they tampered with more than 200 systems in the U.S., and several others across the world. The $70 million ransom, if honoured, will be the highest ever paid for such an incident.
The Kaseya incident took place last Friday afternoon, just hours before the July 4 weekend. The attackers used an exploit against the Kaseya VSA server, which gave them access to VSA appliances installed on client premises. VSA appliances are web-based platforms used by large firms to manage remote computer fleets.
The REvil gang, through its collaborators, pivoted from the affected servers to all connected workstations. Consequently, they installed their payload and encrypted customer files. The Kaseya incident is arguably one of the largest ransomware outbreaks in recent years.
Kaseya's take concerning the requested ransom
No Kaseya spokesperson has come forward to clarify whether they'll pay the requested ransom or not. It is, however, believed that the attack hit so hard that it may force them to pay. Several customer files have been tampered with and some of their documents encrypted. Kaseya is a Miami-based IT firm with several customers across the world.
Equally important, if the ransom is not paid, the attackers may decide to sell the files on the dark web. This would cause even more frustration, as the attack is said to have closed hundreds of Swedish supermarkets.
FBI's stance on payment of ransoms
The U.S. is one of the countries that have been hit with a series of ransomware attacks. Most of these attacks are linked to Russia-based hackers, who are believed to have ties with their government. In May, DarkSide, another hacker group believed to be based in Russia, waged a major attack on Colonial Pipeline. The attack caused a major gas shortage because the key East Coast pipeline went offline for many days.
As a result of this attack, the government paid a $4.4 million ransom. Only $2.3 million was later recovered. Payment of ransom remains controversial. It's undoubtedly one of the fastest and most effective ways to recover your data, but the FBI discourages it. According to the FBI, paying ransom encourages more crime, and not all who pay ransom get decryptors in the end.