New information has emerged on how the Russia-linked cybercrime gang REvil may have carried out the Kaseya hack.

The Dutch Institute for Vulnerability Disclosure (DIVD) revealed that it had notified Kaseya of a number of zero-day vulnerabilities in its VSA software that were being used as a conduit to spread ransomware. When the July 2 attacks occurred, the nonprofit organization said that it was in the process of correcting the concerns as part of coordinated vulnerability disclosure.

More information on the vulnerabilities was not provided, however, DIVD chair Victor Gevers warned that the zero-days are easy to exploit. The attacks are reported to have affected at least 1,000 businesses, with victims identified in at least 17 countries, including Canada, the U.K., Argentina, Indonesia, Kenya, Mexico, New Zealand and South Africa.

Reports say REvil was demanding up to $5 million in ransom. However, late Sunday, it offered a universal decryptor software key that would unscramble all affected computers in exchange for $70 million in cryptocurrency in a statement on its dark website.

The FBI said in a statement that the scale of the attack "may make it so that we are unable to respond to each victim individually."

Deputy National Security adviser Anne Neuberger has since issued a statement in which she said that President Joe Biden had "directed the full resources of the government to examine this incident" and advised anyone who suspected they were compromised to notify the FBI.

Biden said Saturday that if Russia is found to be involved, the U.S. will respond.

In June, Biden pressed Russian President Vladimir Putin to quit providing protection to REvil and other ransomware groups whose relentless attacks the U.S. considers a national security threat.