Jump to content
The Great Escape Online Community

[Slashdot] - REvil Ransomware Hits 200 Companies In MSP Supply-Chain Attack


Admin
 Share

Recommended Posts

A massive REvil ransomware attack affects multiple managed service providers and their clients through a reported Kaseya supply-chain attack. Bleeping Computer reports: Starting this afternoon, the REvil ransomware gang targeted approximately eight large MSPs, with thousands of customers, through what appears to be a Kaseya VSA supply-chain attack. Kaseya VSA is a cloud-based MSP platform that allows providers to perform patch management and client monitoring for their customers. Huntress Labs' John Hammond has told BleepingComputer that all of the affected MSPs are using Kaseya VSA and that they have proof that their customers are being encrypted as well. "We have 3 Huntress partners that are impacted with roughly 200 businesses encrypted," Hammond told BleepingComputer. Kasey issued an security advisory on their help desk site warniong all VSA customers to immediately shut down their VSA server to prevent the attack's spread while they investigate. In a statement to BleepingComputer, Kaseya stated that they have shut down their SaaS servers and are working with other securty firms to investigate the incident. A sample of the REvil ransomware used in one of these attacks has been shared with BleepingComputer. However, it is unknown if this is the sample used for every victim or if each MSP received its own ransom demand. The ransomware gang is demanding a $5,000,000 ransom to receive a decryptor from one of the samples. While REvil is known to steal data before deploying the ransomware and encrypting devices, it is unknown if the attackers exfiltrated any files.

twitter_icon_large.png facebook_icon_large.png

Read more of this story at Slashdot.

qbllMp0EfKk

View the full article

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using The Great Escaped Online Community, you agree to our Privacy Policy and Terms of Use