The demand was posted on a site typically used by the REvil cybercrime gang, a Russia-linked group that is counted among the cybercriminal world's most prolific extortionists.
The gang has an affiliate structure, occasionally making it difficult to determine who speaks on the hackers' behalf, but Allan Liska of cybersecurity firm Recorded Future said the message "almost certainly" came from REvil's core leadership.REvil's ransomware attack, which the group executed on Friday, was among the most dramatic in a series of increasingly attention-grabbing hacks.
The gang broke into Kaseya, a Miami-based information technology firm, and used their access to breach some of its clients' clients, setting off a chain reaction that quickly paralyzed the computers of hundreds of firms worldwide. Cybersecurity experts swiftly blamed REvil for the attack. Sunday's statement was the group's first public acknowledgement that it was behind it.
An executive at Kaseya said the company was aware of the ransom demand but did not immediately return further messages seeking comment."For all of their big talk on their blog, I think this got way out of hand and is a lot bigger than they expected," he said.More from ReutersSubscribe for our daily curated newsletter to receive the latest exclusive Reuters coverage delivered to your inbox.
Do any of these companies do offsite backups?
China are experts in hacking
Resembles a hot information war using proxies to exact state sponsored attacks. This appears to be an unconventional war. They just won't admit it for fear of it devolving into a conventional hot war. *This is not geopolitical advice. Do your own research*
The hacked companies have no one to blame but themselves.
Who is to blame? The companies management, that's who!
Track and Hunt them down
I would think the govt should have this figured out.
Getting what TFG owes and can't pay?