REvil Issues A $70 Million Bitcoin Ransomware Demand Following Supply Chain Attack

CryptoMode CWT Ransomware Bitcoin REvil

It almost seemed as if the correlation between Bitcoin and ransomware was finally a thing of the past. But, sadly, that is not the case, as the REvil group is still very active. They now want a $70 million ransomware payment in bitcoin following a massive attack against supermarkets and schools, among others.

REvil Strikes Yet Again

After many years of successful ransomware attacks, one would expect this method to become less effective. Hundreds of significant incidents have been reported worldwide over the years. In most cases, victims paid the Bitcoin ransom without giving it a second thought. That should never be an option, and several initiatives have been launched to prevent victims from paying any ransom demand. 

Even so, the people responsible for distributing and creating new forms of ransomware remain as active as ever. That is not entirely surprising, as there is still good money to be made with distributing this malicious software. Some attacks are small-scale, whereas others create an immediate domino effect. The recent exploits by REvil show how precarious the situation globally still is today. 

In its latest attack, REvil successfully infected over 500 Coop supermarkets, 11 schools in New Zealand, and at least two Dutch IT firms. An impressive feat, yet no one knows for sure how widespread the damage is. A report by Huntress Labs puts the current estimate at 200 different firms and institutions, which is a very problematic number. It is strange to see a supply chain attack with ransomware be this successful, although it may be a sign of things to come.

The attack against Kaseya has affected many corporate clients using its software. However, what is interesting is how Kaseya claims only 40 of its clients were affected by the REvil attack. That said, the software is also in use by firms who use outsourced IT services from Kaseya’s direct partners. Thus, a total tally of a few thousand victims is not impossible, spanning primarily smaller organizations, including libraries.

The $70 Million Ransom

To make things even more intriguing, REvil demands a $70 million ransom payment. Their preferred method of choice is Bitcoin, despite the currency offering no privacy or anonymity. Bitcoin has been the go-to payment option for ransomware attacks, even though Monero demands saw a slight surge a few years ago. In exchange for this $79 million, REvil would provide a “universal decrypter” for all victims. Whether such a tool even exists is unknown. 

Thankfully, it appears that no one will have to make a payment just yet. Support pours in from the public and private sectors to help untangle the current mess. The attack was halted in its tracks through these efforts, keeping thousands of networks safe from harm. Unfortunately, that does little to help those who are already infected by this malicious code. Kaseya has yet to plug the security hole exploit by REvil as well.

For now, there is no immediate solution to this large-scale attack. An unfortunate development, although security experts remain vigilant and keep working on the case. Avoiding such a huge payout is the top priority, as it would create a perilous precedent. 

None of the information on this website is investment or financial advice and does not necessarily reflect the views of CryptoMode or the author. CryptoMode is not responsible for any financial losses sustained by acting on information provided on this website by its authors or clients. Always conduct your research before making financial commitments, especially with third-party reviews, presales, and other opportunities.