Ransomware hacking group REvil brought the networks of at least 200 U.S. companies to their knees on Friday and is now demanding $70 million in bitcoin.
- Australia's ABC News reported on Saturday REvil had targeted software supplier Kaseya and used its network-management package to spread the ransomware via the cloud.
- Over 1 million machines are said to be infected, according to various other reports.
- The Russian-based ransomware group is now demanding the bitcoin in exchange for a decrypter for the infected machines.
- "On Friday we launched an attack" on managed service providers, a post from the dark web site Happy Blog reads. "More than a million systems were infected."
- In May, REvil attacked Colonial Pipeline and managed to get the company to pay a $5 million ransom after its functionality and services were restricted, sparking a gas crisis in the U.S.
- JBS Holdings, the world’s largest meat company by sales, also paid an $11 million ransom in a May 30 attack against it by the same group.
- During a Friday public appearance, President Joe Biden said he'd ordered U.S. intelligence agencies to investigate the attack, and he would take measures if Russia was behind it.
Updated: July 5, 2021, 16:14 UTC: Information about President Biden's directive was added.