TeamHood 
The REvil hackers behind a mass ransomware attack that has affected hundreds of companies worldwide have demanded $70m to restore the data, according to a posting on a dark web site.
The attack on Friday propagated through Kaseya VSA cloud-based solution used by managed service providers (MSPs) to monitor customer systems and for patch management.
The demand was posted late Sunday night on a site typically used by the REvil cybercrime gang, a Russia-linked group that is counted among the cybercriminal world’s most prolific extortionists.
Multiple MSP customers have been impacted by these attacks and at least 1000 business networks has been encrypted by the REvil group.
Bleeping computer reports claims that so far REvil group only encrypt the data of MSP users but it did not stole any data. If the extorsion money was paid to REvil group they will decrypt all the files.
/REvilKaseya70Mil.jpg)
This is the highest ransom demand to date, the previous record also belonging to REvil, asking $50 million after attacking Taiwanese electronic and computer maker Acer.
The ransomware attack, one of the largest in history, spread worldwide on Saturday. In one instance of its effect, it forced the Swedish Coop grocery store chain to close all 800 of its stores because it could not operate its cash registers.
The full extent of this REvil ransomware attack remains unclear at the moment but the incident has triggered strong reactions from law enforcement, with the FBI announcing that they are working with CISA during their investigation.
