Last week, a massive REvil ransomware attack affects multiple managed service providers and their clients through a reported Kaseya supply-chain attack and now the ransomware gang is increasing the ransom demands.

The below is a screenshot shared by BleepingComputer.

When encrypting a victim’s network, REvil can use multiple encrypted file extensions during the attack. The threat actors typically provide a decryptor that can decrypt all extensions on the network after a ransom is paid.

For victims of the Kaseya ransomware incident, REvil is doing things differently and demanding between $40,000 and $45,000 per individual encrypted file extension found on a victim’s network.

For one victim who stated they had over a dozen encrypted file extensions, the ransomware gang demanded a $500,000 ransom to decrypt the entire network, Bleepingcomputer reports.