Kaseya suffered a ransomware attack, affecting a series of other technology companies
On July 2, Kaseya revealed it was the victim of a "potential attack", implying that the attackers had somehow compromised users of the company's VSA product. Kaseya warned customers to turn off VSA "immediately".
While the company claims the attack only affected a "small number" of customers, given Kaseya's vast reach, the impact is sizable - potentially making this one of the biggest ransomware attacks in history.
Kaseya sells its products to companies known as managed service providers (MSPs) - companies that provide remote information technology services to small businesses that don't have the resources or IT staff of their own.
MSPs use Kaseya's VSA cloud platform to help manage and send software updates to their customers, as well as to manage other user issues.
However, according to The Record, a ransomware gang abused VSA by "using a malicious update" to infect "companies around the world."
While the exact mechanism of the attack, and how and when it happened, remain unclear, security experts say the ransomware affects not only MSPs using VSA, but also their customers.
In other words, the ransomware appears to have hit hundreds of smaller businesses that use MSPs for IT support.
According to Gizmodo, three customers of the security company Huntress using MSP and VSA were affected by the attack. As a result, 200 smaller businesses that rely on that MSP could be hit with encryption.
"We know there are four MSPs - three in the US and one overseas - all customers affected," said John Hammond, senior security expert at Huntress. "I have evidence that it has spread via VSA to all MSP customers. Based on everything we have, we strongly believe the culprit is REvil/Sodinokibi."
REvil is a well-known cybercriminal gang that has used ransomware to hunt down "lucky prey", including Apple and Acer. This is also believed to be the gang that attacked the meat supplier JBS, successfully demanding a ransom of 11 million USD.
US cybersecurity watchdogs are investigating the attack on Kaseya and working to resolve the incident.
"CISA encourages companies to consider Kaseya's recommendation and follow instructions to shut down VSA servers immediately," CISA said.