Ransomware attack on software manager hits 200 companies


A successful ransomware attack against a single company has spread to at least 200 organizations, according to cybersecurity firm Huntress Labs, making it one of the largest waves of criminal ransomware in history.

The attack, first revealed on Friday afternoon, is believed to be affiliated with the prolific REvil ransomware gang and perpetuated through Kaseya, an international company that remotely controls programs for companies that, in turn, run Internet services for businesses.

Kaseya announced on Friday afternoon that it had been attacked by hackers and warned all of its customers to immediately stop using its service.

At least four of Kaseya’s immediate customers have been hacked, said John Hammond, senior security researcher at Huntress, who is contributing to Kaseya’s response.

Since these Kaseya customers run countless businesses, it's unclear how many will fall victim to ransomware over the weekend, but the Huntress count is already around 200, Hammond said, and that number should increase.

The timing, just before the 4th of July weekend, is probably not a coincidence. Ransomware hackers often schedule their attacks to begin at the start of a holiday or weekend, as this minimizes the number of cybersecurity professionals who might be able to quickly jump in and stop the malware from spreading.

The malware used to encrypt victims' computers appears to be similar to the type normally used by REvil, a ransomware gang made up largely of Russian speakers, several researchers found. In the past, REvil has attempted "supply chain" compromises, where a hacker attacks a target connected to multiple organizations, in the hope that a successful compromise will lead to many more.

The U.S. Cybersecurity and Infrastructure Security Agency announced Friday night that it “takes steps to understand and deal with” the attack.



About Author

Shawn Beecher
