Thousands of Kaseya clients fall prey to REvil ransomware attack
Category: #headlines  By Pranali Mehta  Date: 2021-07-07

Reportedly, hundreds of clients using the network management and remote-control software developed by the U.S. technology firm Kaseya were hit by file-encrypting malware, causing disruption and the temporary closure of businesses.

For those unfamiliar, the Miami-based firm develops software for remotely managing a company's IT networks and devices. The software is sold to managed service providers, particularly outsourced IT departments, for managing the networks of their customers, typically smaller businesses.

Sources with knowledge of the matter stated that hackers linked to Russia's REvil ransomware-as-a-service group sent malware to Kaseya's customers via a previously unknown security flaw in the software's update mechanism; the malware then spread downstream to those customers' own customers.

Many of the victim firms may not have been aware that Kaseya's software was monitoring their networks. Kaseya advised clients to immediately switch off their on-premise servers, and its cloud service was taken down as a precaution, even though it was not suspected to be compromised.

John Hammond, senior security researcher at Huntress Labs, said the ransomware infected roughly 30 managed service providers, allowing it to spread to well over 1,000 businesses. Security firm ESET added that it knows of victims in 17 countries, including Canada, South Africa, the United Kingdom, New Zealand, Indonesia, and Kenya.

According to a Kaseya update, about 60 of their clients were compromised, with fewer than 1,500 companies affected.

Dutch researchers had discovered multiple zero-day vulnerabilities in the company's software while inspecting the security of web-based admin tools. The bugs had been reported to Kaseya and were being patched when the hackers attacked, said Victor Gevers, head of the group of researchers.

REvil confirmed that it had conducted the attack in a post on a dark web site believed to be owned by the ransomware organization, and said it would publicly release a decryption tool if paid USD 70 million in bitcoin.

Source credit: https://techcrunch.com/2021/07/05/kaseya-hack-flood-ransomware/
