REvil lowers demand from $70M in Bitcoin (BTC) to $50M for last week's ransomware attack
The Russian group was behind the massive ransomware attack on Friday which affected at least 200 U.S. firms.
Wed, 07 Jul 2021, 09:02 am UTC
The REvil group has lowered its demand to $50 million in Bitcoin (BTC). The Russian group was behind the massive ransomware attack on Friday which affected at least 200 U.S. firms.
The ransomware group initially demanded $70 million in Bitcoin (BTC) in exchange for a “universal decryptor,” according to BBC. This decryptor will unlock all files that were affected by the ransomware attack, which targeted businesses across a dozen countries.
However, the hacker group appears to have recently lowered its demand, according to CNBC. An affiliate of the REvil group told Krebs Stamos Group’s Jack Cable that he is now selling the universal decryptor for $50 million.
Jack Cable said that he was able to get in touch with the group after obtaining a cryptographic key needed to log on to REvil’s payment portal. “It makes you wonder if they’re having a hard time getting people to pay,” he said.
Reuters was able to log on to the portal and chat with an operator. The operator said that the price is unchanged at $70 million but added that “we are always ready to negotiate.”
Allan Liska of cybersecurity firm Recorded Future opined that the group might have bitten off more than they could chew by encrypting so much data at once. “For all of their big talk on their blog, I think this got way out of hand,” Liska said.
Eleven schools and several kindergartens in New Zealand were affected by the attack. The REvil representative described disruption in classes as an accident.
However, the representative did not express remorse when the attack closed hundreds of Coop supermarkets in Sweden. “It’s nothing more than a business,” the rep said.
The attack initially targeted Kaseya, an IT firm based in the U.S. The company said that fewer than 40 of its clients were affected.
However, Kaseya provides software to service providers, which provide IT services to other companies resulting in the higher number of affected firms. REvil said that its malware affected around one million systems.
<Copyright © TokenPost. All Rights Reserved. >