Join the hunt for $12,000,000+ in NEXO Tokens!

Learn More

REvil Demands $70M in Bitcoin After Ransomware Attack

The Colonial Pipeline hackers are back, demanding a $70 million Bitcoin ransom to put an end to an attack that's affected hundreds of companies worldwide.

REvil Demands $70M in Bitcoin After Ransomware Attack
Shutterstock cover by ViChizh

Key Takeaways

  • Notorious cybercriminal gang REvil has taken control of hundreds of companies worldwide in a sophisticated ransomware attack.
  • The group has demanded $70 million in Bitcoin for a key to help affected users recover their systems.
  • The U.S. government says it is looking into the matter.

Share this article

Russian cybercriminal group REvil is demading a $70 million Bitcoin ransom after carrying out a major ransomware attack in the U.S. and Europe. 

A Colossal Ransomware Attack 

A group of hackers is demanding $70 million worth of Bitcoin to put an end to a major ransomware attack.

The group claims to have infected more than 1 million systems. It has shut down over 500 stores of the supermarket chain Coop in Sweden alone.

The attackers have been identified as the Russian group REvil. Details of the hack were shared on the group’s dark web portal earlier today. The group is demanding $70 million in Bitcoin as a ransom for a “universal decryptor” that would allow the owners of the infected systems to recover from the attack. 

bitcoin ransomware
Source: Reddit

The main software provider Kaseya Ltd. and governments in at least 17 nations have been working since Friday to crack the encrypted lock on thousands of affected computers. Kaseya wrote in a Sunday blog post:

“Due to our teams’ fast response, we believe that this has been localized to a very small number of on-premises customers only.” 

Still, its users haven’t been given a green signal to restart their operations. The company suggested a halt Friday. 

The Miami-based IT solutions providers reported earlier today that the hackers took down only a “small portion” of its total clientele, roughly 40 customers out of more than 40,000 worldwide. However, the 40 targets are distributors to hundreds of smaller firms worldwide, accounting for 50 to 60% of the firm’s userbase. These include Coop in Sweden, a surgeon in Germany, and many other small businesses like “dental practices, architecture firms, plastic surgery centers, libraries,” most of which are located in the U.S. Experts have suggested that it could be the largest ransomware attack ever.

REvil has emerged as one of the world’s most sophisticated online gangs after its first major ransomware attack of $11 million from the meat-processor JBS after this year’s Memorial Day. 

A week later, the group targeted a major oil pipeline in the U.S., blocking supply to around 14 American states. Nevertheless, the FBI was able to recover the Bitcoin ransom within days of the $2.3 million payment. 

The FBI published a statement over the weekend confirming that it was investigating the attack along with the  Cybersecurity and Infrastructure Security Agency (CISA), noting that the “potential scale” of the incident may make it difficult to respond to individual victims. Deputy National Security Advisor for cybercrime Anne Neuberger said in a press statement that President Biden had “directed the full resources of the government to investigate this incident.”

Share this article