With Kaseya Ransomware Attack, REvil Dismisses Mounting Global Scrutiny with More Large-Scale Targets

On July 2, 2021, the Russian ransomware extortionist threat group “REvil” (aka, “Sodinokibi” or “Sodin”) launched a ransomware attack against the technology provider, Kaseya, compromising and distributing malware through Kaseya’s VSA remote software and patch management tool. REvil initially made a $70M demand—later lowered to $50M—for a universal decryptor, as well as ransoms for individual organization victims of between $50,000 to $5M, based on organization size.