Hackers who claim to be behind a mass ransomware attack that has affected hundreds of companies have demanded $70m in Bitcoin to restore the data.

The attack was executed on Friday and has affected at least 200 companies in the United States.

On Sunday, a ransom demand was posted on a blog typically used by the REvil gang, a major Russian-speaking ransomware syndicate.

President Joe Biden visits the store at King Orchards fruit farm Saturday, July 3, 2021, in Central Lake, Mich. (AP Photo/Alex Brandon)
Image:
President Joe Biden had previously said he could not rule out Russian involvement in the attack

The group said: “We launched an attack on MSP providers. More than a million systems were infected. If anyone wants to negotiate about universal decryptor – our price is 70 000 000$ in BTC and we will publish publicly decryptor.”

The group has an affiliate structure, making it difficult to determine who speaks on the hackers’ behalf, but Allan Liska from cybersecurity firm Recorded Future said the message “almost certainly” came from REvil’s core leadership.

The ransomware attack was among the most dramatic in a series of increasingly attention-grabbing hacks.

The gang broke into Kaseya, a Miami-based information technology firm, and used their access to breach some of its clients’ clients, setting off a chain reaction that quickly paralyzed the computers of hundreds of firms worldwide.

More on Cyberattacks

Cybersecurity experts blamed REvil for the attack but the statement posted on Sunday was the group’s first public acknowledgement that it was behind it.

Mr Liska said he believed the hackers had bitten off more than they could chew.

“For all of their big talk on their blog, I think this got way out of hand and is a lot bigger than they expected,” he said.

US President Joe Biden said on Saturday that his government is not sure who was behind the attack but he did not rule out Russian involvement.

Experts believe the attack was deliberately timed to coincide with the 4 July holiday weekend, when fewer IT staff are traditionally on duty.

Such cyber attacks typically infiltrate widely used software and spread malware as it updates automatically.

It is not yet clear how many Kaseya customers might be affected or who they might be but the company has hired cybersecurity company FireEye to help deal with the fallout.

You May Also Like

‘Doomsday mom’ Lori Vallow to be sentenced for murders of her children she thought were zombies

Evil spirits, zombies and the end of the world. Lori Vallow’s murder…
Hamas’ Global War What Do College Campuses Have to Do With It? By Howard Bloom

Hamas’ Global War What Do College Campuses Have to Do With It? By Howard Bloom

The standard story in the Western media right now is that Israel…

That 70s Show star ‘raped women and hid behind Church of Scientology’

American actor Danny Masterson drugged women’s drinks so he could rape them…

Eight U.S. states cast ballots on biggest voting day since coronavirus pandemic

WASHINGTON (Reuters) – Eight states and the District of Columbia hold primary…