Ataques recientes de ransomware
July 6, 2021 - La banda de ransomware REvil ha demandado al proveedor de software Kaseya un pago de $70 millones en bitcoin para liberar información encriptada en un hackeo contra entre 800 y 1.500 empresas en todo el mundo.
Ransomware is malicious code that uses encryption to perpetually block an organization’s critical data in the hope of extorting a hefty ransom. A growing preference for “double-extortion” attacks sees hackers downloading data before encryption then threatening the victim with public exposure of their stolen data.
Florida-based Kaseya is a company that provides software tools to Managed Service Providers (MSPs). MSPs are information technology companies that handle networks for companies too small or modestly resourced to have tech departments.
One of those tools was used on Friday (July 2) by Russian-based REvil, also known as Sodinokibi, allowing hackers to paralyze hundreds of businesses globally. Although most of those affected have been small companies, the disruption hit Sweden, where supermarket chain Coop shuttered almost 800 stores on Friday.
The Kaseya hack is the latest in a wave of ransomware attacks on U.S. companies. Last month, meat-processing giant JBS paid $11 million to REvil. In May, Colonial Pipeline paid a $4.4 million demand by DarkSide -- another Russian group.
Ransomware attacks have caused alarm at the highest levels of government. In a June 16 meeting with Russian President Vladimir Putin, President Joe Biden called for a crackdown on Russian cyberattacks.
- Up to 1,500 businesses affected by ransomware attack, U.S. firm's CEO says (Reuters)
- Apple Targeted in $50 Million Ransomware Hack of Supplier Quanta (Bloomberg)
- $2.3 Million in Cryptocurrency seized (Department of Justice)
- Computer giant Acer hit by $50 million ransomware attack (Bleeping Computer)