Ransomware Group REvil Hacks 200 U.S. Companies, Demands $70M In Bitcoin As Ransom


REvil has reportedly pulled off the biggest ransomware attack in history, deploying a vicious malware that has affected 200 companies in the United States and over a million companies across the world. According to the group, they deployed a universal malware that has infected over a million network systems.

REvil is now demanding $70 million in Bitcoin to be paid to the group before they would release the universal decryptor for “more than a million” infected systems.

Initially, the hacker group REvil had asked each affected business to pay $45,000 in Monero individually. But then the group revised its demands and now wants $70 million in Bitcoin. This comes in light of President Biden earlier asking President Putin to stop protecting hackers. The hacker group REvil is a Russian group that has been terrorizing businesses for a while now.

How Did REvil Get In?

According to reports, the group started by hacking a U.S.-based company named Kaseya. According to Kaseya, only a few dozen of its customers had actually been affected by the hack, but it seems the ripple effect of those affected carried on.

Kaseya had earlier been alerted by the Dutch Institute for Vulnerability Disclosure (DIVD) that its VSA software had a number of zero-day vulnerabilities that were being exploited by attackers. Kaseya said that it was actually in the process of fixing these vulnerabilities when the attack took place on Friday, July 2nd.

After this, REvil had apparently managed to gain access to firms and businesses in 17 countries in an unprecedented attack. According to the group, they were able to get into and bring down the networks of over a million businesses worldwide.

An attack of this magnitude and sophistication had never been seen before. The sheer span of the attack boggles the mind. The attack spanned over 17 countries and somehow remained coordinated enough to shock even experienced cybersecurity experts.

REvil gained notoriety earlier this year when they successfully hacked meat processor JBS Foods.

The attack had seen the company pay $11 million in Bitcoin to the attackers.

Why Do Ransomware Attacks Always Use Bitcoin?

This is a valid question. Why Bitcoin, given that there are much better privacy coins out there that attackers could use without having to worry about leaving a trail? REvil had earlier asked for Monero, so it is evident they know this too. Monero is a privacy coin that could see the attackers scoop their loot away without worrying about evidence.

Why use a blockchain that has every single transaction evident for the world to see?

There is the fact that these attackers need evidence of their exploits, and Bitcoin provides them that.

Also, it could just come down to the kind of system the attackers have in place. It could be that they trust their Bitcoin systems to be more secure than the systems they have for other coins, which is why they keep using Bitcoin.

But with the recent recovery of coins from the Colonial Pipeline ransomware attack, one would be right to ask if their systems are really secure.
