REvil, an alleged hacking group connected to Russia, claims that it could lock more than one million devices. Because of this, members of the hacking party are now demanding around $70 million in bitcoin.
Since different manufacturers and tech companies currently use Kaseya's services, the compromised devices quickly increased. Although it might seem like a normal massive breach, the hacking activity of REvil is quite different from the ones conducted by other ransomware groups.
Security experts explained that instead of targeting only one company, the hacking group decided to compromise each victim's computer as a standalone target. At first, the involved online criminals asked only $45,000 to unlock each hacked device.
Now, REvil is asking for around $70 million ransom, which should be paid in BTH currency. On the other hand, the most affected company of the latest hacking spree is Coop, which is a Swedish grocery chain.
After being one of the hacking group's victims, Coop was forced to close around 800 stores all day last Saturday, July 3.
"Think about a retail chain, like grocery retail," said Mikko Hypponen, one of the researchers at F-Secure, a security firm.
"Every single cashier system is an endpoint. Every laptop. Everybody in the sales has a system, multiple servers. 200 stores, 300 stores, they alone would have thousands of endpoints," he added.
How REvil Pulled Off the Massive Hack?
The Wired reported that the Russian hacking group used trusted applications to get access to the devices of its targets.
Sean Gallagher, a senior threat expert at Sophos, explained that most cybercriminals are relying on multiple vulnerabilities to breach their victims' software completely.
The researcher added that REvil is improving its hacking methods to increase its victims easily.
For more news updates about REvil and other security threats, always keep your tabs open here at TechTimes.
Related Article : REvil Ransomware Gang Strikes Again, Attacks French Connection Clothing
