Thousands of Kaseya clients fall prey to REvil ransomware attack
Category: #headlines  By Pranali Mehta  Date: 2021-07-07

Reportedly, hundreds of clients using the network management and remote-control software developed by the U.S. technology firm Kaseya were hit by file-encrypting malware, causing commotion and temporary closure of businesses.

For those unfamiliar, the Miami-based firm develops software for remotely managing a company's IT networks and devices. The software is sold to managed service providers, particularly outsourced IT departments, for managing the networks of their customers, typically smaller businesses.

According to sources with knowledge of the matter, hackers linked to Russia's REvil ransomware-as-a-service group sent malware to Kaseya's customers via a previously unknown security flaw in the software's update mechanism, and it then spread downstream to their customers.

Many of the victim firms may not have been aware that Kaseya's software was monitoring their networks. Kaseya advised clients to immediately switch off their on-premises servers, and its cloud service was taken down as a precaution, even though it was not suspected to be compromised.

John Hammond, a senior security researcher at Huntress Labs, said the ransomware infected roughly 30 managed service providers, allowing it to spread to well over 1,000 businesses. Security firm ESET added that it knows of victims in 17 countries, including Canada, South Africa, the United Kingdom, New Zealand, Indonesia, and Kenya.

According to a Kaseya update, about 60 of its clients were compromised, with fewer than 1,500 companies affected.

Notably, Dutch researchers had discovered multiple zero-day vulnerabilities in the company's software while inspecting the security of web-based admin tools. The bugs had been reported to Kaseya and were being patched when the hackers attacked, said Victor Gevers, head of the group of researchers.

REvil confirmed that it conducted the attack in a post on a dark web site believed to be owned by the ransomware organization, and said it would publicly release a decryption tool if paid USD 70 million in bitcoin.

Source credit: https://techcrunch.com/2021/07/05/kaseya-hack-flood-ransomware/
