Over the Fourth of July weekend, Russia-linked cybercriminals claim they infected more than a million systems globally with ransomware. The full scope of the attack is still unfolding after more than a thousand companies found their data encrypted on Friday in what could be largest ransomware spree in history.
The attack targeted Kaseya VSA, a software used by more than 36,000 customers, including managed service providers (MSPs). Many small to medium-sized businesses hire MSPs to oversee their IT infrastructure.
Kaseya CEO Fred Voccola said in an interview that 50-60 customers were affected, including nearly 40 MSPs. For each MSP targeted, there are dozens of companies at risk of compromise.
In a blog post on Sunday night, the ransomware group REvil offered the victims a universal decryption tool in exchange for a lump sum payment of $70 million in Bitcoin.