Thousands of Kaseya clients fall prey to REvil ransomware attack
Category: #headlines  By Pranali Mehta  Date: 2021-07-07

Reportedly, hundreds of clients using the network management and remote-control software developed by the U.S. technology firm Kaseya were hit by file-encrypting malware, causing commotion and temporary closure of businesses.

For those unfamiliar, the Miami-based firm develops software for remotely managing a company's IT networks and devices. The software is sold to managed service providers, particularly outsourced IT departments, for managing the networks of their customers, typically smaller businesses.

Sources with knowledge of the matter stated that hackers linked to Russia's REvil ransomware-as-a-service group are said to have sent malware to Kaseya's customers via a previously unknown security flaw in the software's update mechanism. The malware then spread downstream to those customers' own clients.

Many of the victim firms may not have been aware that Kaseya's software was monitoring their networks. Kaseya advised clients to immediately switch off their on-premise servers, and its cloud service was taken down as a precaution, even though it was not suspected to be compromised.

John Hammond, a senior security researcher at Huntress Labs, said the ransomware infected roughly 30 managed service providers, allowing it to spread to well over 1,000 businesses. Security firm ESET added that it knows of victims in 17 countries, including Canada, South Africa, the United Kingdom, New Zealand, Indonesia, and Kenya.

According to a Kaseya update, about 60 of its clients were compromised, with fewer than 1,500 companies affected.

Dutch researchers had discovered multiple zero-day vulnerabilities in the company's software while inspecting the security of web-based admin tools. The bugs had been reported to Kaseya and were being patched when the hackers attacked, revealed Victor Gevers, head of the group of researchers.

REvil confirmed that it had conducted the attack in a post on a dark website believed to be owned by the ransomware organization, and said it would publicly release a decryption tool if paid USD 70 million in bitcoin.

Source Credit- https://techcrunch.com/2021/07/05/kaseya-hack-flood-ransomware/
