‘Russia-Linked Group’ Accused of Hacking Spree Against Over 200 US Companies

The latest allegations of a hack attack originating from Russia, made by a private US cybersecurity firm, come just two days after US and British intelligence issued a joint advisory accusing Russia’s GRU military intelligence of a “global” “brute force” campaign of cyber malevolence.

A “Russia-linked” hacking group known as REvil has compromised over 200 US-based businesses in an ongoing ransomware hack attack, Maryland-based cybersecurity company Huntress Labs has reported, citing an internal threat analysis.

The hacks are said to be targeting managed service providers (MSPs) which deliver IT support to small and medium-sized businesses, with the attacks said to enable the evildoers to access these companies’ networks and demand ransoms by threatening to shut down systems.

Sources said to be familiar with the attacks told Bloomberg that Synnex Corp and Avtex LLC were among the MSPs targeted. Avtex president George Demou suggested that “hundreds” of MSPs may have been attacked in what he dubbed to be a “Global Supply Chain hack.” The official added that the company was now “working with” customers who were impacted.

Some of the ransomware victims have reportedly been asked to provide cash payments starting at $45,000 to get their services back online.

The US Cybersecurity and Infrastructure Security Agency (CISA) confirmed that it is aware of the hacks, releasing a statement saying that it is “taking action to understand and address the recent supply-chain ransomware attack against Kaseya VSA [a software developer used by MSPs] and the MSPs that employ VSA software.”

REvil is the same hacking collective blamed for May’s ransomware attack on the US operations of JBS SA, a major Brazilian meat processing company. That company said it was forced to pay $11 million by the hackers.

Before that, the group reportedly targeted Apple, Acer, the Texas government, a New York-based law firm, a London-based multi-academy trust, and US-based energy company Invenergy. The group also reportedly attempted to blackmail Donald Trump and the singers Lady Gaga and Madonna.

The hack attack comes less than 48 hours after the release of a joint advisory by US and UK intelligence services about the threat of a “global” campaign of “brute force” hacks by Russian military intelligence targeting “hundreds of US and foreign organisations” in the government and private sector.

The United States and its allies have spent years accusing Russia, its intelligence agencies or malevolent actors based in the Eastern European country of a broad range of hacking activities – from alleged attacks targeting the 2016 election, to claims of Russian schemes to shut off critical infrastructure, to allegations that Russian actors sought to hack US and British research into coronavirus vaccines.

In almost every instance, the US has failed to provide substantive proof of Russia’s alleged malevolent activities. Nevertheless, the hacking allegations have regularly served as the basis for new sanctions against Moscow.

Russia has repeatedly proposed expanding cooperation with the US and other countries in the field of cybersecurity and cybercrime. Last month, at their summit in Geneva, Presidents Putin and Biden reportedly agreed to discuss the issue seriously. Last week, Russian Ambassador to the United States Anatoly Antonov confirmed that the “first contacts” on cooperation in this sphere have recently taken place, but added that it would “take some time to get some serious results.”

Sourse: sputniknews.com

No votes yet.
Please wait...

Leave a Reply

Your email address will not be published. Required fields are marked *