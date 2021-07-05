Washington

05 July 2021 22:42 IST

Experts say over 1,000 firms affected after data stolen from U.S. firm Kaseya

Hackers were on Monday demanding $70 million in bitcoin in exchange for data stolen during an attack on a U.S. IT company that has shuttered hundreds of Swedish supermarkets.

Researchers believe more than 1,000 companies could have been affected by the attack on Miami-based firm Kaseya, which provides IT services to some 40,000 businesses around the world.

The FBI warned on Sunday that the scale of the “ransomware” attack — a form of digital hostage-taking where hackers encrypt victims’ data and then demand money for restored access — is so large that it may be “unable to respond to each victim individually”.

Advertising

Advertising

Russian-link suspected

Sweden’s Coop supermarket chain was among the most high-profile victims, with “a majority” of their 800 stores still closed three days after the hack paralysed its cash registers, spokesman Kevin Bell said.

Mr. Bell stressed that the situation was looking “positive compared to a few days ago”, but the few hundred stores that have reopened were relying on alternative payment solutions, such as customers paying using their smartphones.

Experts believe the attack was probably carried out by REvil, a Russian-speaking hacking group known as a prolific perpetrator of ransomware attacks.

A post on Happy Blog, a site on the dark web previously associated with the group, claimed responsibility for the attack and said it had infected “more than a million systems”.

The FBI believes that REvil, also known as Sodinokibi, was behind a attack last month on global meat-processing giant JBS, which ended up paying $11 million in bitcoin to the hackers.

The blog post said the hackers would post a decryption tool online “so everyone will be able to recover from attack in less than an hour” — if they were handed $70 million in bitcoin.