It is one of the most expensive hacker attacks of all time-and Bitcoin also plays a role: the extortionist group “REvil” has hacked the service provider Kaseya and encrypted numerous user data. In order to make them readable again, the attackers now demand a record ransom.

70 Million Dollars in Bitcoin

While on Friday evening most had said goodbye to the well-deserved weekend, the alarm bells suddenly went off at companies around the world: A ransomware attack had paralyzed the IT systems of numerous companies.

However, the attackers did not target individual companies, but their suppliers Kaseya (a so-called supply chain attack). After exploiting a critical vulnerability, the attackers were able to infect some VSA servers used for remote computer management.

First, the Swedish supermarket chain Coop reported the incident: The company had to close some stores on Saturday due to the attack. In this country, too, it has hit numerous companies. Matthias Wachter, Head of the security department at the BDI, finds the” Welt am Sonntag ” opposite clear words:

“Never before has the German economy been attacked as strongly as it is today.“

True, the extent of the damage is not yet known. However, around 60 companies have been confirmed so far, with estimates of up to 1,000 victims. As a ransom, the “REvil”group demands a record-breaking $ 70 million in Bitcoin. In return, companies should receive a universal decryption system for the infected systems. This would enable everyone to reverse the effects of the attack within less than an hour.

Blackmailers first wanted Monero, then rather Bitcoin

Initially, the hackers did not want bitcoins from most of the victims, but 45,000 dollars in Monero. Apparently, after a change of heart, they then decided on the cryptocurrency number 1.

US President Joe Biden had already launched an investigation into the attack before REvil’s letter of confession. The hacker group called REvil is also known as”Sodinokibi”. Since the location of the grouping cannot be determined, only conjectures remain regarding its origin. For example, it is believed that it could be a Russian hacker group, since it has never attacked Russian organizations or countries of the former Eastern Bloc.

Authorities around the world are now working with Kaseya to investigate the attack.
The German Industry Association BDI also calls for a” national economic protection strategy ” to be prepared against such attacks in the future. According to IT security firm Sophos, REvil is”a mature and widely used ransomware-as-a-service (RaaS) offering.” This means that criminal customers can “lease” the ransomware from the developers, modify it at will and then place it on the computers of their victims.

Buy BTC on eToro now

Top Brokers for buying and trading cryptocurrencies

  • Buy Real Bitcoin or Bitcoin CFDs
  • Wallet and Exchange in one
  • 14 + Cryptos
  • EU regulated
  • Over 40 cryptos on offer
  • Fees rather in the midfield

Cryptocurrencies are a highly volatile, unregulated investment product. Your capital is at risk.