The group behind the ransomware attack distributed via Kaseya VSA asks $70 million for a tool that removes encryption from all affected computers. Meanwhile, the price seems to be dropping sharply.
According to security news site The Record, REvil, the group behind the attack, claimed responsibility for the attack in a dark web blog, claiming that more than a million systems were affected. The criminals say they want to negotiate a universal decryption tool that makes all files accessible again on all devices. But for that, it demands 70 million dollars in bitcoin.
If someone pays that, it would be the highest ransomware fee ever. But in the meantime, the price seems to be dropping a bit. Ethical hacker Jack Cable posts a screenshot of a conversation with REvil on Twitter in which it talks about $50 million and that the price is negotiable. But, for example, it also offers a tool for specific files.
This weekend, several organizations became infected with the REvil ransomware. This mainly happened through vulnerabilities in Kaseya VSA, software to monitor and manage systems remotely. As a result, the Swedish supermarket chain Coop, among others, had to close for a while.
This weekend, the CCB issued a warning not to use Kaseya for the time being. But in the meantime, IT service provider ITxx also announced that the victim was not using Kaseya software.