Piratas russos exigem $70 mihões em cibrataque
July 6, 2021 -
Equipas de cibersegurança trabalham para conter o impacto do maior
ciberataque global de sempre — um ataque a “cadeia de fornecimento”
infetando milhares de utilizadores do software VSA da Kaseya.
Russia's notorious REvil gang, famed for extorting $11 million from meat-processor JBS, has infected thousands of computers in at least 17 countries with malware which encrypts all their data, rendering files inaccessible.
The hackers are demanding a ransom of $70 million in cryptocurrency, in return for giving users access to decryption software that will allegedly return their files to normal.
The hack took place on June 2, with details now emerging of how it was undertaken.
The cyberattack was very sophisticated, sending malicious code disguised as a legitimate software update for Kaseya VSA – software used by big corporations, or service providers for small businesses, to manage servers, software, services and even hardware.
Once installed, the malware was able to spread like a disease and encrypt the contents of hard drives and servers, rendering them useless.
Security software company Sophos says more than 70 managed service providers are impacted. REvil claims on its dark web "Happy Blog" that more than one million systems are infected.
The FBI advises those affected not to pay up. There is no guarantee an encryption key will unlock files, or even if REvil will supply one. Historically, 92% of firms that pay a ransom are unable to recover all their data.