• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

SwaCash | Internet Marketing News

Latest Updates on Tech, Internet & Digital World

  • Home
  • Digital Marketing
  • Social Media
  • Technology
  • About
  • Contact Us
You are here: Home / News / Kaseya: the ransomware behind the attack was programmed to avoid Russian-speaking systems

Kaseya: the ransomware behind the attack was programmed to avoid Russian-speaking systems

July 10, 2021 by Amer Bekic

REvil, the group behind the attack, is suspected of operating from Russian territory.

Photo by Michael Geiger on Unsplash

According to a report by cybersecurity firm Trustwave SpiderLabs relayed by NBC, the ransomware that hit IT firm Kaseya on July 2, 2021, contains code to bypass any system that uses Russian or a related language. The group behind the attack, REvil, is known to operate from Russian territory.

The Kremlin is not necessarily involved in the attack, however.

On July 6, 2021, the US administration said it had not yet been able to identify the origin of the ransomware, which has affected between 800 and 1,500 organizations, according to estimates. For some, the number is even higher. The ransom of REVIL reached 70 million. However, eyes quickly turned to Russia.

The Trustwave SpiderLabs report appears to confirm this suspicion. According to information gathered by the researchers, the ransomware is designed to avoid “systems whose default languages ​​come from what used to be the USSR region.” This includes Russian, Ukrainian, Belarusian, Tajik, Armenian, Azerbaijani, Georgian, Kazakh, Kyrgyz, Turkmen, Uzbek, Tatar, Romanian, Moldovan Russian, Syriac and Syriac Arabic”. It is not the only one to have such an option. Ransomware from the DarkSide group, behind the May attack on Colonial Pipeline, appeared to be equipped with a similar system.

Just because viruses are avoiding Russia doesn’t necessarily mean they’re being ordered for the Kremlin. It seems to be more of a protection against local authorities. Ziv Mador, vice president of security research at Trustwave SpiderLabs, told NBC : “They don’t want to annoy the local authorities and know they can go about their business for a lot longer if they do it this way.”

The difficult cooperation between Russia and the United States on ransomware

Traditionally, Russia tends to ignore requests for collaboration on cybercrimes that have not impacted the country. The MIT Technology Review recently returned to an attempted collaboration between Americans, Russians and Ukrainians in 2010, Operation Trident Breach. The operation ended in failure, especially when the FSB, the Russian services, cut off all contact with their associates at the time. Among the targets of the operation at the time, some got into ransomware and would even have occasionally collaborated with the Russian services.

The United States, which made ransomware one of the major threats of the time, stepped up pressure on Russia to cooperate more with foreign authorities. Cybercrime was one of the central questions of the interview between Joe Biden and Vladimir Poutin in Geneva, in June, on the sidelines of the G7. The US national security adviser said at the time that the Americans had “set clear milestones with Russia, clear expectations, and also communicated to it the capabilities we have if it chooses not to act against them. criminals attacking our critical infrastructure from Russian soil”.

The attack on Kaseya may be a test of any Russian goodwill to act against cybercriminals in its territory. Cyberwar reports that the Russian presidency, via the TASS news agency, said it did not receive a request for collaboration from the United States on July 5. This demand could come, accompanied by pressure, if the attribution of the ransomware correctly indicates Russia.

Filed Under: News

Primary Sidebar

E-mail Newsletter

More Articles

Three Tweets related to EtherRock sales

Not one not two, Three digital pet rock cliparts sell for $600K each

August 22, 2021 By Amer Bekic

PolyNetwork Hacking Incedence

Hacker who stole $800 Million, now offered a white hat job by its victim firm

August 20, 2021 By Amer Bekic

credit card back panel containing the magnetic stripe

MasterCard announces future without magnetic stripe on the back.

August 17, 2021 By Amer Bekic

Fortune magazine sells its cover art as NFT. Raises 1.3 Million dollars

August 14, 2021 By Amer Bekic

Bored Ape Yacht Club Token 3749

This bored ape pic just sold for 1.29 Million dollars!

August 14, 2021 By Amer Bekic

Footer

Search this site

Recent Articles

  • Not one not two, Three digital pet rock cliparts sell for $600K each
  • Hacker who stole $800 Million, now offered a white hat job by its victim firm
  • MasterCard announces future without magnetic stripe on the back.
  • Fortune magazine sells its cover art as NFT. Raises 1.3 Million dollars
  • This bored ape pic just sold for 1.29 Million dollars!

Browse Topics

  • Blogging (164)
  • Content Marketing (7)
  • Cryptocurrency (5)
  • Digital Marketin (4)
  • Digital Marketing (333)
  • E-commerce (122)
  • Google (195)
  • Google Ads (24)
  • Marketing (166)
  • News (344)
  • Seo (74)
  • Social Media (43)
  • Technology (27)
  • Uncategorized (82)
  • WordPress (22)

Tags

Amazon Android Apple Apple Watch Artificial Intelligence B2B Bitcoin Blogging China Content Content Marketing Coronavirus Cryptocurrency Cybercriminals cybersecurity Digital Digital Marketing Facebook Gaming Google Increase Sales Instagram Intel internet strategy iOS 15 iPhone iPhone 12 IPhone 13 Make Money Marketing Microsoft Nvidia Online Marketing Samsung Science Search engine optimization Seo SEO optimization by content Social Media Social networks Technology TikTok Twitter Windows 11 YouTube

© 2019–2025 · SwaCash.com