TechCentralTechCentral
    Facebook Twitter YouTube LinkedIn
    Facebook Twitter LinkedIn YouTube
    TechCentralTechCentral
    NEWSLETTER
    • News

      Consortium makes unsolicited bid for state’s 40% stake in Telkom

      12 August 2022

      Actually, solar users should pay more to access the grid – here’s why

      12 August 2022

      Fixing SA’s power crisis is not complex: it simply takes the will to do better

      12 August 2022

      Telkom says MTN talks remain on track

      12 August 2022

      Analysis | Rain muddies the waters with approach to Telkom

      11 August 2022
    • World

      Tencent woes mount, even after $560-billion selloff

      12 August 2022

      Huawei just booked its first sales rise since US blacklisting

      12 August 2022

      Apple remains upbeat about iPhone sales even as Android world suffers

      12 August 2022

      Ether at two-month high as upgrade to blockchain passes major test

      12 August 2022

      Gaming industry’s fortunes fade as pandemic ends

      11 August 2022
    • In-depth

      African unicorn Flutterwave battles fires on multiple fronts

      11 August 2022

      The length of Earth’s days has been increasing – and no one knows why

      7 August 2022

      As Facebook fades, the Mad Men of advertising stage a comeback

      2 August 2022

      Crypto breaks the rules. That’s the point

      27 July 2022

      E-mail scams are getting chillingly personal

      17 July 2022
    • Podcasts

      Qush on infosec: why prevention is always better than cure

      11 August 2022

      e4’s Adri Führi on encouraging more women into tech careers

      10 August 2022

      How South Africa can woo more women into tech

      4 August 2022

      Book and check-in via WhatsApp? FlySafair is on it

      28 July 2022

      Interview: Why Dell’s next-gen PowerEdge servers change the game

      28 July 2022
    • Opinion

      No reason South Africa should have a shortage of electricity: Ramaphosa

      11 July 2022

      Ntshavheni’s bias against the private sector

      8 July 2022

      South Africa can no longer rely on Eskom alone

      4 July 2022

      Has South Africa’s advertising industry lost its way?

      21 June 2022

      Rob Lith: What Icasa’s spectrum auction means for SA companies

      13 June 2022
    • Company Hubs
      • 1-grid
      • Altron Document Solutions
      • Amplitude
      • Atvance Intellect
      • Axiz
      • BOATech
      • CallMiner
      • Digital Generation
      • E4
      • ESET
      • Euphoria Telecom
      • IBM
      • Kyocera Document Solutions
      • Microsoft
      • Nutanix
      • One Trust
      • Pinnacle
      • Skybox Security
      • SkyWire
      • Tarsus on Demand
      • Videri Digital
      • Zendesk
    • Sections
      • Banking
      • Broadcasting and Media
      • Cloud computing
      • Consumer electronics
      • Cryptocurrencies
      • Education and skills
      • Energy
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Motoring and transport
      • Public sector
      • Science
      • Social media
      • Talent and leadership
      • Telecoms
    • Advertise
    TechCentralTechCentral
    Home»Sections»Information security»Hackers demand R1-billion after mass extortion attack – SA firms targeted

    Hackers demand R1-billion after mass extortion attack – SA firms targeted

    Information security By Agency Staff5 July 2021
    Facebook Twitter LinkedIn WhatsApp Telegram Email

    Hackers suspected to be behind a mass extortion attack that affected hundreds of companies worldwide late on Sunday demanded US$70-million (R1-billion) to restore the data they are holding ransom, according to a posting on the dark Web.

    The demand was posted on a blog typically used by the REvil cybercrime gang, a Russia-linked group that is counted among the cybercriminal world’s most prolific extortionists.

    The gang has an affiliate structure, occasionally making it difficult to determine who speaks on the hackers’ behalf, but Allan Liska of cybersecurity firm Recorded Future said the message “almost certainly” came from REvil’s core leadership. The group has not responded to an attempt to reach it for comment.

    About a dozen different countries were affected, including South Africa, according to research published by cybersecurity firm ESET

    REvil’s ransomware attack, which the group executed on Friday, was among the most dramatic in a series of increasingly attention-grabbing hacks.

    The gang broke into Kaseya, a Miami-based information technology firm, and used their access to breach some of its clients’ clients, setting off a chain reaction that quickly paralysed the computers of hundreds of firms worldwide.

    An executive at Kaseya said the company was aware of the ransom demand but did not immediately return further messages seeking comment.

    Disruption

    About a dozen countries were affected, including South Africa, according to research published by cybersecurity firm ESET.

    In at least one case, the disruption spilled out into the public domain when Swedish Coop grocery store chain had to close hundreds of stores on Saturday because its cash registers had been knocked offline as a consequence of the attack..

    Earlier on Sunday, the White House said it was reaching out to victims of the outbreak “to provide assistance based upon an assessment of national risk”.

    The impact of the intrusion is still coming into focus. Those hit included schools, small public-sector bodies, travel and leisure organisations, credit unions and accountants, said Ross McKerchar, chief information security officer at Sophos Group.

    McKerchar’s company was one of several that had blamed REvil for the attack, but Sunday’s statement was the group’s first public acknowledgement that it was behind the campaign.

    Ransom-seeking hackers have tended to favour more focused shakedowns against single, high-value targets like Brazilian meatpacker JBS, whose production was disrupted last month when REvil attacked its systems. JBS said it ended up paying the hackers $11-million.

    Liska said he believed the hackers had bitten off more than they could chew by scrambling the data of hundreds of companies at a time and that the $70-million demand was an effort to make the best of an awkward situation.

    “For all of their big talk on their blog, I think this got way out of hand,” he said.  — Reported by Raphael Satter, (c) 2021 Reuters

    ESET REvil Sophos top
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email
    Previous ArticleVodacom taps Congo operation for Ethiopia MD
    Next Article Facebook partners with Liquid to expand Africa fibre network

    Related Posts

    Tencent woes mount, even after $560-billion selloff

    12 August 2022

    Huawei just booked its first sales rise since US blacklisting

    12 August 2022

    Consortium makes unsolicited bid for state’s 40% stake in Telkom

    12 August 2022
    Add A Comment

    Comments are closed.

    Promoted

    Get your brand in front of TechCentral’s amazing audience

    12 August 2022

    Pricing Beyond CMYK: printers answer the FAQs

    11 August 2022

    How secure is your cloud?

    10 August 2022
    Opinion

    No reason South Africa should have a shortage of electricity: Ramaphosa

    11 July 2022

    Ntshavheni’s bias against the private sector

    8 July 2022

    South Africa can no longer rely on Eskom alone

    4 July 2022

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2022 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.