Hackers Demanding $70 Million to Unlock 1 Million Hijacked Devices

The hacker group responsible for an international crime spree over the Fourth of July weekend demands $70 million in bitcoin to unlock a million devices it currently has hijacked.

REvil, a Russia-linked gang, is most known for hacking JBS, one of the world’s primary meat suppliers, and temporarily shutting down its operations across much of North America. However, according to some cybersecurity experts, their latest attack may be much more significant.

The hackers started their destructive binge on Friday by infiltrating Kaseya, a tech firm that helps businesses handle basic software upgrades. The number of victims expanded swiftly since many of Kaseya’s customers are corporations that administer internet services for other companies. REvil did not lock an individual organization, as ransomware gangs typically do. Instead, they locked each victim’s computer as a standalone target, initially demanding $45,000 to unlock each one.

Coop, a Swedish grocery chain, is currently the largest known victim. The hack caused them to close the majority of its nearly 800 stores on Saturday. Its registers are all controlled online by Visma Esscom, a Kaseya customer. The hackers locked them, rendering them all unusable.

Though it is undoubtedly a significant number, it’s unclear how many systems have been infected. According to Huntress, a cybersecurity firm assisting Kaseya with its response, more than 1,000 firms have been compromised so far. Given how few victims are speaking publicly and the fact that no government or organization has a record of everyone impacted, REvil’s claim that they hacked more than a million devices in this attack is impossible to confirm or refute.

President Joe Biden has “directed the full resources” of the government toward investigating the attack.

Allan Liska, an analyst with the cybersecurity firm Recorded Future Regardless, says that it is unlikely victims will band together to pay $70 million despite the number of victims.

“Despite the braggadocio in their note, I actually think it is actually a sign they are overwhelmed,” Liska explained.