Kaseya suffered a ransomware attack, affecting a series of other technology companies
On July 2, Kaseya revealed it was the victim of a "potential attack", implying that attackers had somehow compromised users of the company's VSA product. Kaseya warned customers to turn off VSA "immediately".
While the company claims the attack affected only a "small number" of customers, Kaseya's broad reach means the impact is sizable, potentially making this one of the major ransomware attacks in history.
Kaseya sells its products to companies known as managed service providers (MSPs) - companies that provide remote information technology services to small businesses that don't have the resources or IT staff of their own.
MSPs use Kaseya's VSA cloud platform to help manage and send software updates to their customers, as well as to manage other user issues.
However, according to Record, a ransomware gang abused VSA by "using a malicious update" to infect "companies around the world."
While the exact mechanism of the attack, and how and when it happened, remain unclear, security experts say the ransomware affects not only MSPs using VSA but also their customers.
In other words, the ransomware appears to have hit hundreds of smaller businesses that use MSPs for IT support.
According to Gizmodo, three customers of the security company Huntress using MSP and VSA were affected by the attack. As a result, 200 smaller businesses that rely on that MSP could be hit with encryption.
"We know there are four MSPs - three in the US and one overseas - all customers affected," said John Hammond, senior security expert at Huntress. "I have evidence that it has spread via VSA to all MSP customers. Based on everything we have, we strongly believe the culprit is REvil/Sodinokibi."
REvil is a well-known cybercriminal gang that has used ransomware to hunt down "lucky prey", including Apple and Acer. This is also believed to be the gang that attacked the meat supplier JBS, successfully demanding a ransom of 11 million USD.
US cybersecurity watchdogs are investigating and resolving the incident related to the attack on Kaseya.
"CISA encourages companies to consider Kaseya's recommendation and follow instructions to shut down VSA servers immediately," CISA said.