Kaseya Supply-Chain Attack Hits Nearly 40 Service Providers With REvil Ransomware

Kaseya REvil Ransomware Attack

Threat actors behind the notorious REvil cybercrime operation appear to have pushed ransomware via an update for Kaseya’s IT management software, hitting around 40 customers worldwide, in what’s an instance of a widespread supply-chain ransomware attack.

“Beginning around mid-day (EST/US) on Friday, July 2, 2021, Kaseya’s Incident Response team learned of a potential security incident involving our VSA software,” the company’s CEO Fred Voccola said in a statement shared late Friday.

Stack Overflow Teams

Following the incident, the IT and security management services company said it took immediate steps to shut down its SaaS servers as a precautionary measure, in addition to notifying its on-premises customers to shut down their VSA servers to prevent them from being compromised.

Kaseya REvil Ransomware Attack

Voccola also said the company has identified the source of the vulnerability and that it’s readying a patch to mitigate the ongoing issues. In the interim, the company also noted it intends to keep all on-premise VSA servers, SaaS, and hosted VSA servers shut down until it’s safe to resume operations.

According to Sophos Malware Analyst Mark Loman, the industry-wide supply-chain attack leverages Kaseya VSA to deploy a…

http://feedproxy.google.com/~r/TheHackersNews/~3/uGshBztopNw/kaseya-revil-ransomware-attack.html

Kaseya Supply-Chain Attack Hits Nearly 40 Service Providers With REvil Ransomware 1
Kaseya Supply-Chain Attack Hits Nearly 40 Service Providers With REvil Ransomware 2
Kaseya Supply-Chain Attack Hits Nearly 40 Service Providers With REvil Ransomware 3
Kaseya Supply-Chain Attack Hits Nearly 40 Service Providers With REvil Ransomware 4
Kaseya Supply-Chain Attack Hits Nearly 40 Service Providers With REvil Ransomware 5

Have a comment? Type it below!