Cyber researchers said a $70 million payment in bitcoin is being asked by REvil, a ransomware gang, for a decryptor instrument after it attacked the software vendor Kaseya.
According to Allan Liska, researcher at cybersecurity firm Recorded Future, the universal tool mirrors REvil’s “logistical nightmare” as it is bombarded with multiple possible victims they can open negotiations with.
“We know there are thousands of victims here. REvil [has] limited resources to handle negotiations and process keys,” Liska noted as he tagged the attack as the most gigantic attack that targeted the state supply chain. It might also be possible the second largest ransomware attack to ever surface.
Experts said the complete effect of the attack was not yet felt until people will go back to work on Tuesday.
“Not everyone will have seen the alerts or had the urgency to check their own network/systems,” Bryce Webster-Jacobsen, intelligence head at cybersecurity firm GroupSense, said.
Kaseya has yet to release additional information, as it promised to do so on Monday morning.
The software vendor on Sunday evening said that the attack “has been localized to a very small number of on-premises customers only.”
But every client, specifically the IT service providers, can incur multiple unaffected customers themselves, which can even reach thousands, according to a report by CNN.
Liska, questioned whether he spotted any difference in REvil, which is also behind the attack on JBS Foods, said the notorious group were “just more arrogant. If that is possible.”