Hackers suspected to be behind a mass extortion attack that affected hundreds of companies worldwide late on Sunday demanded US$70 million to restore the data they are holding ransom, a posting on a dark Web site said.
The demand was posted on a blog typically used by the REvil cybercrime gang, a Russia-linked group that is counted among the cybercriminal world’s most prolific extortionists.
The gang has an affiliate structure, occasionally making it difficult to determine who speaks on the hackers’ behalf, but Allan Liska of cybersecurity firm Recorded Future said the message “almost certainly” came from REvil’s core leadership.
The group has not responded to an attempt by Reuters to reach it for comment.
REvil’s ransomware attack, which the group executed on Friday, was among the most dramatic in a series of increasingly attention-grabbing hacks.
The gang broke into Kaseya, a Miami-based information technology firm, and used their access to breach some of its clients’ clients, setting off a chain reaction that quickly paralyzed the computers of hundreds of firms worldwide.
An executive at Kaseya Ltd said the company was aware of the ransom demand, but did not immediately return further messages seeking comment.
About a dozen countries were affected, research published by cybersecurity firm ESET said.
In at least one of the cases, the disruption spilled out into the public domain when the Swedish Coop grocery store chain had to close hundreds of stores on Saturday because its cash registers had been knocked offline as a consequence of the attack.
Earlier on Sunday, the White House said that it was reaching out to those affected by the outbreak “to provide assistance based upon an assessment of national risk.”
The impact of the intrusion is still coming into focus.
Those hit included schools, small public-sector bodies, travel and leisure organizations, credit unions and accountants, Sophos Group PLC chief information security officer Ross McKerchar said.
McKerchar’s company was one of several that had blamed REvil for the attack, but Sunday’s statement was the group’s first public acknowledgment that it was behind the campaign.
Ransom-seeking hackers have tended to favor more focused shakedowns against single, high-value targets like Brazilian meatpacker JBS SA, whose production was disrupted last month when REvil attacked its systems.
JBS said it ended up paying the hackers US$11 million.
Liska said he believed the hackers had bitten off more than they could chew by scrambling the data of hundreds of companies at a time, and that the US$70 million demand was an effort to make the best of an awkward situation.
“For all of their big talk on their blog, I think this got way out of hand,” he said.
Taiwan Semiconductor Manufacturing Co (TSMC, 台積電), the world’s largest contract chipmaker, yesterday said its materials management head, Vanessa Lee (李文如), had tendered her resignation for personal reasons. The personnel adjustment takes effect tomorrow, TSMC said in a statement. The latest development came one month after Lee reportedly took leave from the middle of last month. Cliff Hou (侯永清), senior vice president and deputy cochief operating officer, is to concurrently take on the role of head of the materials management division, which has been under his supervision, TSMC said. Lee, who joined TSMC in 2022, was appointed senior director of materials management and
Nvidia Corp CEO Jensen Huang (黃仁勳) on Thursday met with US President Donald Trump at the White House, days before a planned trip to China by the head of the world’s most valuable chipmaker, people familiar with the matter said. Details of what the two men discussed were not immediately available, and the people familiar with the meeting declined to elaborate on the agenda. Spokespeople for the White House had no immediate comment. Nvidia declined to comment. Nvidia’s CEO has been vocal about the need for US companies to access the world’s largest semiconductor market and is a frequent visitor to China.
Hypermarket chain Carrefour Taiwan and upscale supermarket chain Mia C’bon on Saturday announced the suspension of their partnership with Jkopay Co (街口支付), one of Taiwan’s largest digital payment providers, amid a lawsuit involving its parent company. Carrefour and Mia C’bon said they would notify customers once Jkopay services are reinstated. The two retailers joined an array of other firms in suspending their partnerships with Jkopay. On Friday night, popular beverage chain TP Tea (茶湯會) also suspended its use of the platform, urging customers to opt for alternative payment methods. Another drinks brand, Guiji (龜記), on Friday said that it is up to individual
STABLE RESULTS: Despite June’s lower consolidated revenue, second-quarter sales still reached a record high, driven by demand for chips for AI applications Taiwan Semiconductor Manufacturing Co (TSMC, 台積電) yesterday reported consolidated sales of NT$263.71 billion (US$9.02 billion) for last month, its second-lowest monthly result this year. The world’s largest contract chipmaker said in a statement that its revenue last month only fared better than the NT$260.01 billion posted in February. Last month’s figure rose 26.9 percent from a year earlier, but slumped 17.7 percent from May, the company said. However, second-quarter revenue reached NT$933.8 billion, a record high for a single quarter, company data showed. The figure represented growth of 11.26 percent from the first quarter and 38.6 percent from a year earlier. Previously, TSMC said that
RSS