A hacking gang has demanded a ransom of $70 million in bitcoin in exchange for a “global decryption software” it says will unlock the files of all victims.
The group calling itself REvil says its viruses, which initially targeted US IT company Kaseya, have infected one million “systems”.
The number has not been verified, while the number of victims of hacking operations is still unknown.
But the number is believed to include 500 supermarkets in Sweden and 11 schools in New Zealand.
Two Dutch IT companies were also attacked, according to local media reports.
Calculating the number of victims
Cyber and internet security firm Huntress Labs has estimated that about 200 companies have been affected.
The attack initially targeted Casaya, before spreading through the networks of companies using its software.
Cassaya said fewer than 40 of its customers were affected.
But since Casaya provides software to other companies including companies that provide IT services to other companies, the number of victims could be much higher.
The number of individual computer systems within those organizations may be greater.
Fred Fukulla, CEO of Casaya, told The Associated Press that the number of victims would probably be in the thousands, made up of small organizations such as dental clinics and libraries.
“The scale and complexity of this global crime is rare, if not unprecedented,” Professor Kieran Martin, founder of the National Center for Internet Security, told the BBC.
Martin believes that most of Revell’s members are in Russia or countries that were formerly part of the Soviet Union.
Professor Martin criticized Russia for providing a safe environment for hackers demanding ransom, but said the West makes it very easy for these gangs to get ransoms, “and it’s no surprise that they come back for more money”.
Experts expressed surprise that the group was demanding that the ransom be paid in bitcoin, rather than hard-to-trace cryptocurrencies like Monero.
On Twitter, Martin described Revell’s decision to demand bitcoin payments as “strange.”
Earlier this month, the US Department of Justice announced that it had tracked down and seized millions of dollars worth of bitcoins paid to the DarkSide ransomware group, which is responsible for shutting down the Colonial Oil pipeline.
“Money tracing remains one of the most important tools we have,” said Deputy Attorney General Lisa O.
Tom Robinson, founder of Elliptech, which analyzes bitcoin payments, told the BBC that his company had noticed that Revell was continuing to negotiate with individual customers for ransoms worth less than $200,000, despite asking for $70 million to repair the damage to all companies affected by its attack. .
He said that Revell prefers to use the Monero cryptocurrency, but that it will be difficult to purchase $70 million of the coin for practical and regulatory reasons.
“Reader. Infuriatingly humble travel enthusiast. Extreme food scholar. Writer. Communicator.”