The REvil ransomware gang is trying to extort $70 million from IT security management software company Kaseya, The Wall Street Journal reports.
About 50 of Kaseya's customers have been compromised by REvil's July 2 attack, and about 40 of those customers are manager service providers. Security experts estimate that at least 200 companies in the U.S. have been affected, according to Newsweek. Most of the organizations affected are small and medium-size institutions, cybersecurity experts told the Journal.
REvil is requesting $70 million to unlock all the systems, but victims of the attack have been told they can pay varying amounts between $25,000 and $5 million directly to REvil to unlock their systems if nobody pays the $70 million. REvil said that upon payment, they will release a "universal decryptor" that would unlock computers that had been encrypted and compromised by the attack, according to a July 4 note posted to the group's website, according to the Journal.
Kaseya CEO Fred Voccola declined the Journal's request to comment about payments.
The Journal reached one of REvil's members through an intermediary for comment about the attack. The ransomware gang member said: "We don’t need a lot of noise. Only money."
Last month, REvil carried out a ransomware attack on Las Vegas-based University Medical Center and posted personal data belonging to an unknown number of patients online to its hacker group website.