The REvil ransomware gang is asking for a $70 million ransom payment to publish a universal decryptor that can unlock all computers locked during the Kaseya incident that took place this past Friday, crypto news organizations has learned.
In a message posted on their dark web blog, the REvil gang officially took credit for the attack for the first time and claimed they locked more than one million systems during the Kaseya incident.
If honored, the demand would become the highest ransomware payment ever made.
A Kaseya spokesperson was not on hand to comment if the company would be considering paying the REvil gang’s ransom demand.
At the time of posting, the Kaseya ransomware incident is believed to have impacted thousands of companies across the world.
The attack took place on late Friday afternoon, just before the extended July 4 US weekend, when the REvil gang (or one of its collaborators) is believed to have used an exploit in the Kaseya VSA server to gain access to VSA appliances installed on customer premises.
VSA appliances are web-based platforms typically used by large corporations or managed service providers (MSPs) to manage remote computer fleets.
The REvil gang pivoted from the compromised VSA servers to all connected workstations and corporate networks to install their payload and encrypt customer files in one of the largest ransomware outbreaks in recent years.