Ransomware extortionists claim to have blocked countless computers in companies around the world with a Trojan and are now demanding tens of millions of dollars. Only then will a decryption tool be available that will “free” all infected computers.
As the blog The Record reports, there was a widespread attack on so-called “Managed Service Providers” (MSP) on Friday, in which a group called REvil, according to their own account, managed to get numerous computers managed by the Kaseya company at thousands of companies and authorities and paralyze other organizations with an encryption Trojan.
More than a million computers affected
The Trojan is said to have infected more than a million systems worldwide. As an MSP, Kaseya is actually a large provider of remote management solutions, where the company maintains countless customer PCs over the Internet. On Friday, REvil apparently succeeded in transferring its payload in the form of the ransomware Trojan to countless computers as a result of exploiting a vulnerability in the so-called VSA server used by Kaseya.
Due to the high number of encrypted systems, work in various companies around the world is said to be paralyzed, so that one assumes that it could be one of the largest ransomware attacks in recent years. According to a blog entry in the so-called “Dark Web“, the blackmailers are now demanding payment of a huge sum in Bitcoin, which should be the equivalent of 70 million.
Should the affected companies and organizations actually decide to comply with the demand for a ransom to be paid to the extortionists, it would be the highest amount ever paid after a ransomware attack. In return, a decryptor would be made available that would make all systems affected by the attack accessible again within less than an hour, so the promise of the attackers.
Brian is the news author at Research Snipers which mainly covers Technology News, Microsoft News, Google News, Facebook, Apple, Huawei, Xiaomi, and other tech news.