Kaseya ransomware attackers demand $70 million, claim they infected over a million devices

Three days after ransomware attackers started the holiday weekend by compromising Kaseya VSA, we have a clearer idea of how widespread the impact has been. In a new ransom demand, the attackers claim to have compromised more than 1 million computers, and demand $70 million to decrypt the affected devices.

Kaseya’s software is used by Managed Service Providers to perform IT tasks remotely, but on July 2nd, the Russia-linked REvil ransomware group deployed a malicious software update exposing providers who use the platform, and their clients.

The Dutch Institute for Vulnerability Disclosure (DIVD) revealed that it appears the exploit used for the breach was same one they discovered and were in the process of addressing when the attackers...

Continue reading…