REvil, an alleged hacking group connected to Russia, claims that it could lock more than one million devices. The group's members are now demanding around $70 million in bitcoin.
They said that if they received this ransom, they would automatically free all the hacked devices. The well-known cybercriminal group has already hacked giant companies and organizations over the past months.
These include JBS, one of the largest meat suppliers across the globe.
After REvil breached the company's systems, staff were forced to stop operations across North America. Security experts said that the scope of the recent massive breach is still unknown.
REvil's International Hacking Spree
According to NBC News' latest report, the REvil crime group started its international hacking spree on Friday, July 2. Hackers compromised a software company called Kaseya, which helps other tech firms manage basic software updates.
Since different manufacturers and tech companies currently use Kaseya's services, the number of compromised devices quickly increased. Although it might seem like a normal massive breach, the hacking activity of REvil is quite different from that of other ransomware groups.
Security experts explained that instead of targeting only one company, the hacking group decided to compromise each victim's computer as a standalone target. At first, the online criminals involved asked for only $45,000 to unlock each hacked device.
Now, REvil is asking for a ransom of around $70 million, to be paid in BTC. The company most affected by the latest hacking spree is Coop, a Swedish grocery chain.
After becoming one of the hacking group's victims, Coop was forced to close around 800 stores all day last Saturday, July 3.
"Think about a retail chain, like grocery retail," said Mikko Hypponen, one of the researchers at F-Secure, a security firm.
"Every single cashier system is an endpoint. Every laptop. Everybody in the sales has a system, multiple servers. 200 stores, 300 stores, they alone would have thousands of endpoints," he added.
How Did REvil Pull Off the Massive Hack?
Wired reported that the Russian hacking group used trusted applications to get access to the devices of its targets.
Sean Gallagher, a senior threat expert at Sophos, explained that most cybercriminals rely on multiple vulnerabilities to breach their victims' software completely.
The researcher added that REvil is improving its hacking methods so it can increase its number of victims more easily.