Article 5KYCJ Up to 1,500 businesses infected in one of the worst ransomware attacks ever

Up to 1,500 businesses infected in one of the worst ransomware attacks ever

by
Dan Goodin
from Ars Technica - All content on (#5KYCJ)
ransomware-screen-800x600.jpeg

Enlarge (credit: Suebsiri Srithanyarat / EyeEm / Getty Images)

As many as 1,500 businesses around the world have been infected by highly destructive malware that first struck software maker Kaseya. In one of the worst ransom attacks ever, the malware, in turn, used that access to fell Kaseya's customers.

The attack struck on Friday afternoon in the lead-up to the three-day Independence Day holiday weekend in the US. Hackers affiliated with REvil, one of ransomware's most cutthroat gangs, exploited a zero-day vulnerability in the Kaseya VSA remote management service, which the company says is used by 35,000 customers. The REvil affiliates then used their control of Kaseya's infrastructure to push a malicious software update to customers, who are primarily small-to-midsize businesses.

Continued escalation

In a statement posted on Monday, Kaseya said that roughly 50 of its customers were compromised. From there, the company said, 800 to 1,500 businesses that are managed by Kaseya's customers were infected. REvil's site on the dark web claimed that more than 1 million targets were infected in the attack and that the group was demanding $70 million for a universal decryptor.

Read 19 remaining paragraphs | Comments

index?i=q0h5EyjaSIk:_1wlZccUjo4:V_sGLiPB index?i=q0h5EyjaSIk:_1wlZccUjo4:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments