Hackers demand €60 million to restore data held by companies hit in cyberattack

Hackers are demanding companies pay them almost €60 million to restore encrypted data held by them after launching a massive cyberattack last week.

The hackers suspected to be behind a mass ransomware attack that affected hundreds of companies worldwide late on Sunday, July 4, have demanded almost €60 million to restore the data, according to a posting on a dark website.

The demand was posted on a site typically used by the REvil cybercrime gang, a Russia-linked group that is counted among the cybercriminal world’s most prolific extortionists.

The gang has an affiliate structure, occasionally making it difficult to determine who speaks on the hackers’ behalf, but Allan Liska of cybersecurity firm Recorded Future said the message “almost certainly” came from REvil’s core leadership.

The group has so far not responded to any attempt by authorities to reach it for comment.

REvil’s ransomware attack, which the group executed on Friday, July 2, was among the most dramatic in a series of increasingly attention-grabbing hacks.

The gang broke into Kaseya, a Miami-based information technology firm, and used their access to breach some of its clients’ clients, setting off a chain reaction that quickly paralyzed the computers of hundreds of firms worldwide.

Cybersecurity experts swiftly blamed REvil for the attack. Sunday’s statement was the group’s first public acknowledgement that it was behind it.

An executive at Kaseya said the company was aware of the ransom demand but did not immediately return further messages seeking comment. Liska said he believed the hackers had bitten off more than they could chew.

“For all of their big talk on their blog, I think this got way out of hand and is a lot bigger than they expected,” he said.

Related:

Experts Warn Cyberattacks Could Lead To Nuclear Nightmare

Cyberwarfare has now become such a threat that NATO’s *Article 5 covers it. As Joe Biden confronts Vladimir Putin over recent attacks, experts warn the worst could be yet to come, with cyber threats pushing the superpowers toward a more dangerous threshold.

The brutal truth is that a global cyber-war has already begun- and it will probably never end. Governments, militaries, intelligence services, companies and even individuals are having to face up to the threats.

Closer to home: Cyberattack Brings Down Rincón City Councils Website

The council’s website is 100% operational again after the attack which is believed was carried out from abroad. It is understood there has been no leak of information from the Town Hall.

A cyberattack on a technology company based in Asturias Spain that provides service to thirty institutions throughout the country blocked the website of the Rincón de la Victoria City Council for three days in May this year, according to a report from La Opinion de Málaga.

Thank you for taking the time to read this article, please remember to come back and check The Euro Weekly News website for all your up-to-date local and international news stories.