REvil Ransomware Attacks Systems Using Kaseya’s Remote IT Management Software

REvil Ransomware Attacks Systems Using Kaseya’s Remote IT Management Software

According to a report from Bleeping Computer, the attack targeted six large MSPs and has encrypted data for as many as 200 companies. At DoublePulsar, Kevin Beaumont has posted more details about how the attack seems to work, with REvil ransomware arriving via a Kaseya update and using the platform’s administrative privileges to infect systems. Once the Managed Service Providers are infected, their systems can attack the clients that they provide remote IT services for (network management, system updates, and backups, among other things).

News Flash: cybercriminals are a$$holes. Keep all the Incident Response teams in mind this holiday weekend as they’re in the thick of it…again. If you use Kaseya VSA, shut it down *now* until told to reactivate and initiate IR. Here’s the binary: https://t.co/NIuGJZW84p https://t.co/GSXPlOPjFt — Chris Krebs (@C_C_Krebs) July 2, 2021 In a statement, Kaseya told The Verge that “We are investigating a potential attack against the VSA that indicates to have been limited to a small number of our on-premises customers only.” A notice claims that all of its cloud servers are now in “maintenance mode,” a move that the spokesperson said is being taken due to an “abundance of caution.”

We are investigating a potential attack against the VSA that indicates to have been limited to a small number of our on-premises customers only. We have proactively shut down our SaaS servers out of an abundance of caution. We are in the process of investigating the root cause of the incident with the utmost vigilance, we have:

a. Notified all of our on-premise customers to immediately shutdown their VSA servers b. Shutdown our SaaS Servers We have been further notified by a few security firms of the issue and we are working closely with them as well. While we continue to investigate the incident, we will update our customers (and interested parties) as we have more information.

Dana Liedholm – SVP, Corporate Communications Kaseya Today’s attack has been linked to the notorious REvil ransomware gang (already linked to attacks on Acer and meat supplier JBS earlier this year), and The Record notes that, collecting incidents under more than one name, this may be the third time Kaseya software has been a vector for their exploits.

The News Highlights

  • REvil Ransomware Attacks Systems Using Kaseya’s Remote IT Management Software
  • Check the latest world news updates and information about business, finance, technology and more.
  • Check the latest update on tech news
Disclaimer: If you need to edit or update this news from compsmag then kindly contact us Learn more

For Latest News Follow us on Google News


Latest Headlines
  • Show all
  • Trending News
  • Popular By week
In mid-2022, a MacBook Air with a mini-LED screen upgrade will be available
Before we say our goodbyes, the Intel 16-inch MacBook Pro is around €2000
The MacBook Pro 16″ still dominates the MacBook M1 in graphics and in some other aspects (number of Thunderbolt ports, number of managed displays…), but we ...
Guide To Using Multiple WhatsApp Accounts On Desktop
WhatsApp multi-device functionality is now available on iOS, which is great news for Apple iPhone owners
More From This Section In case you missed all the hullabaloo around this feature, here’s a quick guide for you. WhatsApp’s upcoming multi-device ...
Crypto looks like the dot-com space of the 1990s, and bitcoin may not survive it, says chief investment officer |  Currency news |  Financial and business news
700 workers will lose jobs on sale of People’s United Bank
M&T Bank’s planned purchase of People’s United Financial Inc. in an all-stock deal valued around $7.6 billion was announced in February. Branches of ...
Flock for the Box raises money for Safe Haven Baby Boxes
Flock for the Box raises money for Safe Haven Baby Boxes
There are currently around 75 Safe Haven Baby Boxes installed around the country. “Without the boxes, we don’t know what our daughter’s story would have ...
Tunisians protest COVID rise and economy suffers |  Coronavirus Pandemic News
Tunisians protest COVID rise and economy suffers | Coronavirus Pandemic News
“Our patience has run out … there are no solutions for the unemployed,” Nourredine Selmi, 28, a jobless protester, told Reuters news agency. “They cannot ...
Why Is Apple Holding Off on RCS?
Why Is Apple Holding Off on RCS?
As of right now, Apple hasn’t said anything about adopting RCS for iPhones. No plans, no updates, nothing. Which makes us all wonder if the company is ...
Jail for Louisiana Tax Preparer for Fraud
Jail for Louisiana Tax Preparer for Fraud
Prosecutors said Adams filed a false tax return for tax year 2013 stating that her adjusted gross income was $166,011, when in it was really much higher, ...
Valley News – Forum, July 25: Don’t Blame Teachers for Health Costs
Valley News – Forum, July 25: Don’t Blame Teachers for Health Costs
It is past time to remove this burden. We should not be blaming the teachers. Every person deserves health care and we should pay progressively for it. This is ...
France: Macron calls for unity after anti-vaccine protests
France: Macron calls for unity after anti-vaccine protests
While he said protesters are “free to express themselves in a calm and respectful manner,” he said demonstrations won’t make the coronavirus go away. “I want ...
Doctors warn of slightly different symptoms with the delta variant of COVID
Doctors warn of slightly different symptoms with the delta variant of COVID
“The delta variant has slightly different symptoms compared to the original virus. You may not get the loss of taste & smell. The delta variant could cause ...
Show next
Compsmag - Latest News from tech, business and health
Logo