The ransomware threat group that calls itself REvil made use of a vulnerability in IT management software from Kaseya to attack over 1,000 businesses late last week. The attacks pivoted through at least eight Managed Service Providers (MSPs) employed by those businesses to remotely manage their workstations and servers, and used the vendor trust relationship and access that the MSPs had to install ransomware on their clients computers. On Friday, the REvil gang set the initial ransom for the over one million affected devices to $70 million USD. That price is for the universal decryptor, which would unlock all of the devices hit with the ransomware. It should be noted that REvil allegedly has dropped the prices to $50 million and is apparently willing to negotiate on price. Currently, it is not known if any of the victims have paid the ransom.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in