The hackers behind the recent ransomware attack of the IT firm Kaseya have offered a universal decryptor software key that could unlock all affected machines for $70 million.
Breitbart News recently reported that between 800 and 1,500 businesses worldwide have been affected by a recent ransomware attack that focused on the U.S. tech firm Kaseya, according to the company’s CEO Fred Voccola.
One of Kaseya’s tools was recently subverted allowing hackers to shut down hundreds of businesses worldwide. Most of these businesses were small or mid-sized — including dentist practices and accounting firms — but in Sweden, hundreds of supermarkets were forced to close as their cash registers became inoperative. In New Zealand, many schools and kindergartens were taken offline.
The attack was reportedly perpetrated by an affiliate of the notorious REvil hacking group which is best known for extorting $11 million from the meat-processor JBS. The group initially began demanding ransoms of up to $5 million to unlock the affected systems; but late on Sunday, the group posted a universal decryptor software key for sale on its dark web page. The key costs $70 million.
Now CBS News reports that cybersecurity experts are working to determine exactly how the attack took place and to undo the damage caused by the ransomware attack. Kaseya CEO Fred Voccola discussed the attack stating: “The level of sophistication here was extraordinary.”
Voccola said that he is confident that when the cybersecurity firm Mandiant finishes its investigation it will find that the criminals didn’t just violate Kaseya code in breaking into the company’s network but also exploited vulnerabilities in third-party software.
One Dutch vulnerability researcher, Victor Gevers, stated that his team is worried about software management products like Kaseta’s because of the total control of vast computing resources they can offer. More and more of the products that are used to keep networks safe and secure are showing structural weaknesses,” he stated.
Cybersecurity expert Dmitri Alperovitch, of the Silverado Policy Accelerator think tank stated that while he doesn’t believe that the Kaseya attack is Kremlin-directed, it would appear to show that Putin “has not yet moved” on shutting down the cybercriminals likely operating from Russia.
Read more at CBS News here.
Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship. Follow him on Twitter @LucasNolan or contact via secure email at the address firstname.lastname@example.org